Bug 2177 – Ipv6ExtensionFragmentHeader length is initialized to a wrong value.

Bug 2177 - Ipv6ExtensionFragmentHeader length is initialized to a wrong value.


Summary:	Ipv6ExtensionFragmentHeader length is initialized to a wrong value.

Status:	RESOLVED FIXED

Product:	ns-3
Classification:	Unclassified
Component:	ipv6
Version:	ns-3-dev
Hardware:	All All

Importance:	P5 minor
Assigned To:	Tommaso Pecorella

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2015-09-06 12:27 UTC by Tommaso Pecorella
Modified:	2015-09-19 10:28 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tommaso Pecorella 2015-09-06 12:27:13 UTC

Erroneous use of SetLength in Ipv6ExtensionFragmentHeader can lead to a 2048 extension header length.
Reported by Hajar Hantouti <hajar.hantouti@gmail.com>

Comment 1 Tommaso Pecorella 2015-09-06 16:56:14 UTC

Pushed a temporary fix in changeset 11649:d1bbecfd11d4

Leaving the bug open to have a better fix and a more optimized code.
The following code is simply a nightmare:
  SetLength ((i.ReadU8 () + 1) << 3);
Where SetLength is
  m_length = (length >> 3) - 1;

m_length should be protected, and sub-classes should be able to modify it directly.

Comment 2 Tommaso Pecorella 2015-09-19 10:28:32 UTC

Complete fix in changeset:   11673:71b37dda3fe8

m_length is now protected instead of private, allowing an easier processing by sub-options.
Moreover, the LooseRouting Extension header had an hardcoded address length (nobody ever noticed this?)