Define a new IP checksum function that is resistant to undefined signed

overflow when given ridiculously large data lengths.  In practice, undefined
behavior would never occur with the previous function since it would have
required IP packets >128KiB bytes in length and the maximum length for an
IP packet is 64KiB.

The new checksum function is also a bit more flexible (allowing a starting
checksum value != 0), clearly is endian independent, and does no typesystem
abuse.  It's boringly correct standard C.

Use C99 structure initializers for forming raw UDP packets for send.
This commit is contained in:
Nicholas J. Kain 2011-06-26 10:21:02 -04:00
parent f43b656673
commit 7d0e05504f

View File

@ -202,29 +202,31 @@ static int get_packet(struct dhcpMessage *packet, int fd)
return bytes; return bytes;
} }
// Compute Internet Checksum for @count bytes beginning at location @addr. // This function is not suitable for summing buffers that are greater than
static uint16_t checksum(void *addr, int count) // 128k-1 bytes in length: failure case will be incorrect checksums via
// unsigned overflow, which is a defined operation and is safe. This limit
// should not be an issue for IPv4 or IPv6 packet, which are limited to
// at most 64k bytes.
static uint16_t net_checksum(void *buf, size_t size, uint16_t init)
{ {
register int32_t sum = 0; uint32_t sum = init;
uint16_t *source = (uint16_t *)addr; int odd = size & 0x01;
size_t i;
while (count > 1) { size &= ~((size_t)0x01);
sum += *source++; size >>= 1;
count -= 2; uint8_t *b = buf;
for (i = 0; i < size; ++i) {
uint16_t hi = b[i*2];
uint16_t lo = b[i*2+1];
sum += ntohs((lo + (hi << 8)));
} }
if (odd) {
/* Add left-over byte, if any */ uint16_t hi = b[i*2];
if (count > 0) { uint16_t lo = 0;
/* Make sure that the left-over byte is added correctly both sum += ntohs((lo + (hi << 8)));
* with little and big endian hosts */
uint16_t tmp = 0;
*(uint8_t *)&tmp = *(uint8_t *)source;
sum += tmp;
} }
/* Fold 32-bit sum to 16 bits */ sum = (sum >> 16) + (sum & 0xffff);
while (sum >> 16) sum += sum >> 16;
sum = (sum & 0xffff) + (sum >> 16);
return ~sum; return ~sum;
} }
@ -262,7 +264,7 @@ static int get_raw_packet(struct dhcpMessage *payload, int fd)
} }
check = packet.ip.check; check = packet.ip.check;
packet.ip.check = 0; packet.ip.check = 0;
if (check != checksum(&packet.ip, sizeof packet.ip)) { if (check != net_checksum(&packet.ip, sizeof packet.ip, 0)) {
log_line("IP header checksum incorrect"); log_line("IP header checksum incorrect");
return -2; return -2;
} }
@ -285,7 +287,7 @@ static int get_raw_packet(struct dhcpMessage *payload, int fd)
packet.ip.tot_len = packet.udp.len; /* cheat on the psuedo-header */ packet.ip.tot_len = packet.udp.len; /* cheat on the psuedo-header */
check = packet.udp.check; check = packet.udp.check;
packet.udp.check = 0; packet.udp.check = 0;
if (check && check != checksum(&packet, len)) { if (check && check != net_checksum(&packet, len, 0)) {
log_error("Packet with bad UDP checksum received, ignoring"); log_error("Packet with bad UDP checksum received, ignoring");
return -2; return -2;
} }
@ -329,33 +331,36 @@ static int send_dhcp_raw(struct dhcpMessage *payload)
goto out_fd; goto out_fd;
} }
struct ip_udp_dhcp_packet packet;
memset(&packet, 0, offsetof(struct ip_udp_dhcp_packet, data));
packet.data = *payload;
// Send packets that are as short as possible, since some servers are buggy // Send packets that are as short as possible, since some servers are buggy
// and drop packets that are longer than 562 bytes. // and drop packets that are longer than 562 bytes.
ssize_t endloc = get_end_option_idx(packet.data.options, ssize_t endloc = get_end_option_idx(payload->options, DHCP_OPTIONS_BUFSIZE);
DHCP_OPTIONS_BUFSIZE);
if (endloc == -1) { if (endloc == -1) {
log_error("send_dhcp_raw: attempt to send packet with no DHCP_END"); log_error("send_dhcp_raw: attempt to send packet with no DHCP_END");
goto out_fd; goto out_fd;
} }
unsigned int padding = DHCP_OPTIONS_BUFSIZE - 1 - endloc; unsigned int padding = DHCP_OPTIONS_BUFSIZE - 1 - endloc;
packet.ip.protocol = IPPROTO_UDP; struct ip_udp_dhcp_packet packet = {
packet.ip.saddr = INADDR_ANY; .ip = {
packet.ip.daddr = INADDR_BROADCAST; .protocol = IPPROTO_UDP,
packet.udp.source = htons(DHCP_CLIENT_PORT); .saddr = INADDR_ANY,
packet.udp.dest = htons(DHCP_SERVER_PORT); .daddr = INADDR_BROADCAST,
packet.udp.len = htons(UPD_DHCP_SIZE - padding); .tot_len = htons(UPD_DHCP_SIZE - padding),
},
.udp = {
.source = htons(DHCP_CLIENT_PORT),
.dest = htons(DHCP_SERVER_PORT),
.len = htons(UPD_DHCP_SIZE - padding),
},
.data = *payload,
};
// UDP checksumming needs a temporary pseudoheader with a fake length. // UDP checksumming needs a temporary pseudoheader with a fake length.
packet.ip.tot_len = packet.udp.len; packet.udp.check = net_checksum(&packet, IP_UPD_DHCP_SIZE - padding, 0);
packet.udp.check = checksum(&packet, IP_UPD_DHCP_SIZE - padding);
// Set the true IP packet length for the final packet. // Set the true IP packet length for the final packet.
packet.ip.tot_len = htons(IP_UPD_DHCP_SIZE - padding); packet.ip.tot_len = htons(IP_UPD_DHCP_SIZE - padding);
packet.ip.ihl = sizeof packet.ip >> 2; packet.ip.ihl = sizeof packet.ip >> 2;
packet.ip.version = IPVERSION; packet.ip.version = IPVERSION;
packet.ip.ttl = IPDEFTTL; packet.ip.ttl = IPDEFTTL;
packet.ip.check = checksum(&packet.ip, sizeof packet.ip); packet.ip.check = net_checksum(&packet.ip, sizeof packet.ip, 0);
r = safe_sendto(fd, (const char *)&packet, IP_UPD_DHCP_SIZE - padding, r = safe_sendto(fd, (const char *)&packet, IP_UPD_DHCP_SIZE - padding,
0, (struct sockaddr *)&dest, sizeof dest); 0, (struct sockaddr *)&dest, sizeof dest);