Re: 2.2.14-pre10 NFS bug: off by sizeof(int)

Gilbert Ramirez (gram@xiexie.org)
Wed, 8 Dec 1999 18:07:37 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeff Garzik: "Re: Yamaha Sound Drivers"
Previous message: Ulrich Drepper: "Re: SIGCONT misbehaviour in Linux"

I just wanted to let you know that your intuition was correct;
the bad NFS packets that I saw were a result of in-kernel re-writing.
The following is an exchange between client and server. I'm again
sniffing on the server. The packet looks bad -- the name should
be "column.h" (a filename length which is a multiple of 4),
but the file is found and a succussful reply is sent.

thanks,

--gilbert

Frame (170 on wire, 170 captured)
Arrival Time: Dec 8, 1999 17:58:27.8254
Time delta from previous packet: 0.000000 seconds
Frame Number: 1039
Packet Length: 170 bytes
Capture Length: 170 bytes
Ethernet II
Destination: 00:c0:4f:6b:9f:e0 (00:c0:4f:6b:9f:e0)
Source: 00:c0:4f:6b:9f:78 (00:c0:4f:6b:9f:78)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Type of service: 0x00 (None)
000. .... = Precedence: routine (0)
...0 .... = Delay: Normal
.... 0... = Throughput: Normal
.... .0.. = Reliability: Normal
.... ..0. = Cost: Normal
Total Length: 156
Identification: 0x867c
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x9675 (correct)
Source: louie.dev.tivoli.com (146.84.28.92)
Destination: dewey.dev.tivoli.com (146.84.28.91)
User Datagram Protocol
Source port: 794 (794)
Destination port: 2049 (2049)
Length: 136
Checksum: 0x232a
Remote Procedure Call
XID: 0x16c8b8c5 (382253253)
Message Type: Call (0)
RPC Version: 2
Program: NFS (100003)
Program Version: 2
Procedure: LOOKUP (4)
Credentials
Flavor: AUTH_UNIX (1)
Length: 44
Stamp: 0x0002a5aa
Machine Name: louie.dev.tivoli.com
length: 20
contents: louie.dev.tivoli.com
UID: 4462
GID: 40
Auxiliary GIDs
GID: 40
Verifier
Flavor: AUTH_NULL (0)
Length: 0
Network File System
Program Version: 2
Procedure: LOOKUP (4)
where
dir
file handle (opaque data)
Name: mn.h<TRUNCATED>
length: 1668246645
contents: mn.h<TRUNCATED>

0 00c0 4f6b 9fe0 00c0 4f6b 9f78 0800 4500 ..Ok....Ok.x..E.
10 009c 867c 0000 4011 9675 9254 1c5c 9254 ...|..@..u.T.\.T
20 1c5b 031a 0801 0088 232a 16c8 b8c5 0000 .[......#*......
30 0000 0000 0002 0001 86a3 0000 0002 0000 ................
40 0004 0000 0001 0000 002c 0002 a5aa 0000 .........,......
50 0014 6c6f 7569 652e 6465 762e 7469 766f ..louie.dev.tivo
60 6c69 2e63 6f6d 0000 116e 0000 0028 0000 li.com...n...(..
70 0001 0000 0028 0000 0000 0000 0000 caba .....(..........
80 ebfe 6848 1e00 57e8 0500 1108 0000 1108 ..hH..W.........
90 0000 0168 0000 9c72 890b 0000 0000 636f ...h...r......co
a0 6c75 6d6e 2e68 006e 2e68 lumn.h.n.h

Frame (170 on wire, 170 captured)
Arrival Time: Dec 8, 1999 17:58:27.8257
Time delta from previous packet: 0.000209 seconds
Frame Number: 1040
Packet Length: 170 bytes
Capture Length: 170 bytes
Ethernet II
Destination: 00:c0:4f:6b:9f:78 (00:c0:4f:6b:9f:78)
Source: 00:c0:4f:6b:9f:e0 (00:c0:4f:6b:9f:e0)
Type: IP (0x0800)
Internet Protocol
Version: 4
Header length: 20 bytes
Type of service: 0x00 (None)
000. .... = Precedence: routine (0)
...0 .... = Delay: Normal
.... 0... = Throughput: Normal
.... .0.. = Reliability: Normal
.... ..0. = Cost: Normal
Total Length: 156
Identification: 0x01d0
Flags: 0x00
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x1b22 (correct)
Source: dewey.dev.tivoli.com (146.84.28.91)
Destination: louie.dev.tivoli.com (146.84.28.92)
User Datagram Protocol
Source port: 2049 (2049)
Destination port: 794 (794)
Length: 136
Checksum: 0x8c5e
Remote Procedure Call
XID: 0x16c8b8c5 (382253253)
Message Type: Reply (1)
Program: NFS (100003)
Program Version: 2
Procedure: LOOKUP (4)
Reply State: accepted (0)
Verifier
Flavor: AUTH_NULL (0)
Length: 0
Accept State: RPC executed successfully (0)
Network File System
Program Version: 2
Procedure: LOOKUP (4)
status: OK (0)
file
file handle (opaque data)
attributes
type: Regular File (1)
mode: 0100444
100. .... .... .... = Regular File
.... 0... .... .... = not SUID
.... .0.. .... .... = not SGID
.... ..0. .... .... = not save swapped text
.... ...1 .... .... = Read permission for owner
.... .... 0... .... = no Write permission for owner
.... .... .0.. .... = no Execute permission for owner
.... .... ..1. .... = Read permission for group
.... .... ...0 .... = no Write permission for group
.... .... .... 0... = no Execute permission for group
.... .... .... .1.. = Read permission for others
.... .... .... ..0. = no Write permission for others
.... .... .... ...0 = no Execute permission for others
nlink: 1
uid: 4462
gid: 4462
size: 1941
blocksize: 4096
rdev: 0
blocks: 4
fsid: 2065
fileid: 1984646
atime: 944697036.000000
seconds: 944697036
micro seconds: 0
mtime: 943301096.000000
seconds: 943301096
micro seconds: 0
ctime: 943301485.000000
seconds: 943301485
micro seconds: 0

0 00c0 4f6b 9f78 00c0 4f6b 9fe0 0800 4500 ..Ok.x..Ok....E.
10 009c 01d0 0000 4011 1b22 9254 1c5b 9254 ......@..".T.[.T
20 1c5c 0801 031a 0088 8c5e 16c8 b8c5 0000 .\.......^......
30 0001 0000 0000 0000 0000 0000 0000 0000 ................
40 0000 0000 0000 caba ebfe 8648 1e00 6848 ...........H..hH
50 1e00 1108 0000 1108 0000 0168 0000 c372 ...........h...r
60 890b 0000 0000 0000 0001 0000 8124 0000 .............$..
70 0001 0000 116e 0000 116e 0000 0795 0000 .....n...n......
80 1000 0000 0000 0000 0004 0000 0811 001e ................
90 4886 384e eecc 0000 0000 3839 a1e8 0000 H.8N......89....
a0 0000 3839 a36d 0000 0000 ..89.m....

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff Garzik: "Re: Yamaha Sound Drivers"
Previous message: Ulrich Drepper: "Re: SIGCONT misbehaviour in Linux"