[OpenSER-Devel] [ openser-Bugs-1888101 ] Patch to bug in hash.c (permission module)
SourceForge.net
noreply at sourceforge.net
Mon Jun 30 12:44:47 CEST 2008
Bugs item #1888101, was opened at 2008-02-06 18:29
Message generated for change (Comment added) made by henningw
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1888101&group_id=139143
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: ver 1.3.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Giovanni Coriasco (gcoriasco)
Assigned to: Henning Westerholt (henningw)
Summary: Patch to bug in hash.c (permission module)
Initial Comment:
I'm running an Openser version 1.3.0 on a Linux machine.
I think I found a bug in the "permissions" module. The allow_address() and allow_source_address() operate properly only with /0, /8, /16, /24, /32 netmasks so far.
The problem is in the fact that a shift operator (<<) is used with addresses in network byte order.
In fact, an IP address A.B.C.D has the following form in network byte order:
ddddddddccccccccbbbbbbbbaaaaaaaa
where the aaa are the bits (in LITTLE endian format) of the byte A.
The problem with the shift operation is that the byte order is BIG endian, BUT each byte has a LITTLE endian order for its bits.
Instead, in host byte order, both bits and bytes have little endian format and you just have to invert the shift operation (<< to >> and >> to <<).
The patch I wrote converts the address to host byte order before shifting and convert back the result to network byte order.
----------------------------------------------------------------------
>Comment By: Henning Westerholt (henningw)
Date: 2008-06-30 10:44
Message:
Logged In: YES
user_id=337916
Originator: NO
I've applied the patch to the trunk and also added a small test case for
this bug (35.sh). I'll backport it to the 1.3 branch in a few days.
Thanks,
Henning
----------------------------------------------------------------------
Comment By: Henning Westerholt (henningw)
Date: 2008-06-27 15:45
Message:
Logged In: YES
user_id=337916
Originator: NO
I'll take a look.
Henning
----------------------------------------------------------------------
Comment By: Giovanni Coriasco (gcoriasco)
Date: 2008-06-26 13:07
Message:
Logged In: YES
user_id=2002223
Originator: YES
Hi,
Yeah, I'm running the patch in production
Concerning bug 1925738, I don't think it is the same issue cause
allow_trusted operates only on single host addresses, not network
addresses, so that subnetwork information is not used. Otherwise, the bug I
think to have found relates to subnetwork address calculation.
Giovanni
----------------------------------------------------------------------
Comment By: Henning Westerholt (henningw)
Date: 2008-06-26 12:56
Message:
Logged In: YES
user_id=337916
Originator: NO
Hi,
i found also another bug, 1925738 that is perhaps related to this one. Do
you run this patch in production?
Henning
----------------------------------------------------------------------
Comment By: Giovanni Coriasco (gcoriasco)
Date: 2008-06-26 12:49
Message:
Logged In: YES
user_id=2002223
Originator: YES
Hi Henning,
I'm using a virtual machine with i386 architecture, running on a Intel(R)
Xeon(TM) CPU 3.20GHz server. The OS is a Linux Slackware
----------------------------------------------------------------------
Comment By: Henning Westerholt (henningw)
Date: 2008-06-26 11:44
Message:
Logged In: YES
user_id=337916
Originator: NO
Hi Giovanni,
i looks that this bug is still not fixed. Do run OpenSER on a certain (not
that common) architecture? Otherwise i would think that more people would
run into this bug..
Cheers,
Henning
----------------------------------------------------------------------
Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-03-10 15:24
Message:
Logged In: YES
user_id=1275325
Originator: NO
Hi Giovanni,
This looks like a bug, so I re-posting your message accordingly.
Thanks and Regards,
Bogdan
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1888101&group_id=139143
More information about the Devel
mailing list