From dgilbert@office.tor.velocet.net  Mon Jul  3 20:16:04 2000
Return-Path: <dgilbert@office.tor.velocet.net>
Received: from sabre.velocet.net (sabre.velocet.net [198.96.118.66])
	by hub.freebsd.org (Postfix) with ESMTP id 27C9137C2D6
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  3 Jul 2000 20:16:03 -0700 (PDT)
	(envelope-from dgilbert@office.tor.velocet.net)
Received: from office.tor.velocet.net (trooper.velocet.net [216.126.82.226])
	by sabre.velocet.net (Postfix) with ESMTP id 6F20A137F06
	for <FreeBSD-gnats-submit@freebsd.org>; Mon,  3 Jul 2000 23:16:01 -0400 (EDT)
Received: (from dgilbert@localhost)
	by office.tor.velocet.net (8.9.3/8.9.3) id XAA36155;
	Mon, 3 Jul 2000 23:15:11 -0400 (EDT)
	(envelope-from dgilbert)
Message-Id: <200007040315.XAA36155@office.tor.velocet.net>
Date: Mon, 3 Jul 2000 23:15:11 -0400 (EDT)
From: David Gilbert <dgilbert@velocet.ca>
Sender: dgilbert@office.tor.velocet.net
Reply-To: dgilbert@velocet.ca
To: FreeBSD-gnats-submit@freebsd.org
Subject: Adding some KASSERTS v1
X-Send-Pr-Version: 3.2

>Number:         19688
>Category:       kern
>Synopsis:       Some boundry checking KASSERTS in networking code
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jlemon
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 03 20:20:00 PDT 2000
>Closed-Date:    Fri Jun 15 14:23:35 PDT 2001
>Last-Modified:  Fri Jun 15 14:25:30 PDT 2001
>Originator:     David Gilbert
>Release:        FreeBSD 4.0-STABLE i386
>Organization:
Velocet Communications
>Environment:

I'm running this against 4.0-STABLE, but this can probably apply
better debugging to several branches.

>Description:

I'm trying to track down other bugs, so I'm going through networking
file-by-file looking for possibly array overflows (which I belive
my problem to be).  Anyways, I felt that it might be useful if I
contributed some of my KASSERT()'s back to the tree.  Someone can
slap my fingers if this is misguided.

>How-To-Repeat:

	heh.

>Fix:


--- /sys/net/hostcache.c	Fri Aug 27 20:48:15 1999
+++ hostcache.c	Mon Jul  3 23:08:34 2000
@@ -55,6 +55,8 @@
 	struct hchead *heads;
 	u_long nelem;
 
+        KASSERT(af >= 0 && af < AF_MAX, ("hc_init: af=%d out of range", af));
+        
 	hct = &hctable[af];
 	nelem = init_nelem;
 	if (hct->hct_nentries)
@@ -86,6 +88,9 @@
 	struct hctable *hct;
 	int s;
 
+        KASSERT(sa->sa_family >=0 && sa->sa_family < AF_MAX,
+                ("hc_get: sa_family=%d out o frange", sa->sa_family));
+
 	hct = &hctable[sa->sa_family];
 	if (hct->hct_nentries == 0)
 		return 0;
@@ -150,6 +155,10 @@
 	u_long hash;
 	int s;
 
+        KASSERT(hc->hc_host->sa_family >=0 && hc->hc_host->sa_family < AF_MAX,
+                ("hc_insert: sa_family=%d out of range",
+                 hc->hc_host->sa_family));
+        
 	hct = &hctable[hc->hc_host->sa_family];
 	hash = hct->hct_cb->hccb_hash(hc->hc_host, hct->hct_nentries);
 	


>Release-Note:
>Audit-Trail:

From: Bill Fumerola <billf@chimesnet.com>
To: David Gilbert <dgilbert@velocet.ca>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: kern/19688: Adding some KASSERTS v1
Date: Mon, 3 Jul 2000 23:26:20 -0400

 On Mon, Jul 03, 2000 at 11:15:11PM -0400, David Gilbert wrote:
 
 > >Description:
 > 
 > I'm trying to track down other bugs, so I'm going through networking
 > file-by-file looking for possibly array overflows (which I belive
 > my problem to be).  Anyways, I felt that it might be useful if I
 > contributed some of my KASSERT()'s back to the tree.  Someone can
 > slap my fingers if this is misguided.
 > 
 > >How-To-Repeat:
 > 
 > 	heh.
 > 
 > >Fix:
 > 
 > 
 > --- /sys/net/hostcache.c	Fri Aug 27 20:48:15 1999
 > +++ hostcache.c	Mon Jul  3 23:08:34 2000
 > @@ -55,6 +55,8 @@
 >  	struct hchead *heads;
 >  	u_long nelem;
 >  
 > +        KASSERT(af >= 0 && af < AF_MAX, ("hc_init: af=%d out of range", af));
 > +        
 >  	hct = &hctable[af];
 >  	nelem = init_nelem;
 >  	if (hct->hct_nentries)
 [...]
 
 I can't tell you misguided or not, I can tell you that it's misindented though :->
 
 
 -- 
 Bill Fumerola - Network Architect / Computer Horizons Corp - CHIMES
 e-mail: billf@chimesnet.com / billf@FreeBSD.org
 
 
 
 

From: David Gilbert <dgilbert@velocet.ca>
To: Bill Fumerola <billf@chimesnet.com>
Cc: David Gilbert <dgilbert@velocet.ca>,
	FreeBSD-gnats-submit@freebsd.org
Subject: Re: kern/19688: Adding some KASSERTS v1
Date: Mon, 3 Jul 2000 23:41:42 -0400 (EDT)

 >>>>> "Bill" == Bill Fumerola <billf@chimesnet.com> writes:
 
 Bill> On Mon, Jul 03, 2000 at 11:15:11PM -0400, David Gilbert wrote:
 >> >Description:
 >> 
 >> I'm trying to track down other bugs, so I'm going through
 >> networking file-by-file looking for possibly array overflows (which
 >> I belive my problem to be).  Anyways, I felt that it might be
 >> useful if I contributed some of my KASSERT()'s back to the tree.
 >> Someone can slap my fingers if this is misguided.
 >> 
 >> >How-To-Repeat:
 >> 
 >> heh.
 >> 
 >> >Fix:
 >> 
 >> 
 >> --- /sys/net/hostcache.c Fri Aug 27 20:48:15 1999 +++ hostcache.c
 >> Mon Jul 3 23:08:34 2000 @@ -55,6 +55,8 @@ struct hchead *heads;
 >> u_long nelem;
 >> 
 >> + KASSERT(af >= 0 && af < AF_MAX, ("hc_init: af=%d out of range",
 >> af)); + hct = &hctable[af]; nelem = init_nelem; if
 >> (hct->hct_nentries)
 Bill> [...]
 
 Bill> I can't tell you misguided or not, I can tell you that it's
 Bill> misindented though :->
 
 Are we dealing with a tab-stop differenece here?  I believe that the
 code looks the same when I'm looking at it in my editor.
 
 Dave.
 
 -- 
 ============================================================================
 |David Gilbert, Velocet Communications.       | Two things can only be     |
 |Mail:       dgilbert@velocet.net             |  equal if and only if they |
 |http://www.velocet.net/~dgilbert             |   are precisely opposite.  |
 =========================================================GLO================
 

From: Bill Fumerola <billf@chimesnet.com>
To: David Gilbert <dgilbert@velocet.ca>
Cc: FreeBSD-gnats-submit@freebsd.org
Subject: Re: kern/19688: Adding some KASSERTS v1
Date: Mon, 3 Jul 2000 23:42:55 -0400

 On Mon, Jul 03, 2000 at 11:41:42PM -0400, David Gilbert wrote:
 
 > Bill> I can't tell you misguided or not, I can tell you that it's
 > Bill> misindented though :->
 > 
 > Are we dealing with a tab-stop differenece here?  I believe that the
 > code looks the same when I'm looking at it in my editor.
 
 Yes. Look how it is different in the delta, if it was indented the
 same the delta would be indented the same way.
 
 style(9) says to match the existing style of the file...
 
 -- 
 Bill Fumerola - Network Architect / Computer Horizons Corp - CHIMES
 e-mail: billf@chimesnet.com / billf@FreeBSD.org
 
 
 
 
Responsible-Changed-From-To: freebsd-bugs->wollman 
Responsible-Changed-By: sheldonh 
Responsible-Changed-When: Wed Jul 5 03:04:42 PDT 2000 
Responsible-Changed-Why:  
This is Garrett's baby and he can manage PR's again. :-) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=19688 
Responsible-Changed-From-To: wollman->jlemon 
Responsible-Changed-By: sheldonh 
Responsible-Changed-When: Wed Jul 5 03:26:27 PDT 2000 
Responsible-Changed-Why:  
Oops, the last time Garrett and I discussed PRs, he asked me not 
to assign them to him.   

Jonathan, could you look at this one? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=19688 
State-Changed-From-To: open->closed 
State-Changed-By: jlemon 
State-Changed-When: Fri Jun 15 14:23:35 PDT 2001 
State-Changed-Why:  
Useful KASSERTS are always welcomed if they provide a benefit. 
However, the file in question has never been used, and is not  
likely to be used in its current form in the near future. 


http://www.FreeBSD.org/cgi/query-pr.cgi?pr=19688 
>Unformatted:
