
[lwip-devel] [bug #60607] IP traffic "leaks" between netifs


From: Patrik Lantto
Subject: [lwip-devel] [bug #60607] IP traffic "leaks" between netifs
Date: Fri, 14 May 2021 16:16:39 -0400 (EDT)

URL:
  <https://savannah.nongnu.org/bugs/?60607>

                 Summary: IP traffic "leaks" between netifs
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: patriklantto
            Submitted on: Fri 14 May 2021 08:16:37 PM UTC
                Category: IPv4
                Severity: 3 - Normal
              Item Group: Faulty Behaviour
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: git head

    _______________________________________________________

Details:

When multiple netifs are used, IP traffic that is passed (via tcpip_input) to
lwIP on one netif can be received on a different netif.

The "problematic" part of the code is in ip4_input where ip4_input_accept is
called for the netif on which the ethernet frame was received. If that is not
accepting the input, e.g. due to not having received an IP address from DHCP
yet, all other netifs are searched to see if any of those netifs would accept
the input. E.g. a broadcast packet received on one physical netif could be
perceived as received on a completely different netif which could obviously
lead to very strange issues (corresponding code also exists in ip6_input):


    /* start trying with inp. if that's not acceptable, start walking the
       list of configured netifs. */
    if (ip4_input_accept(inp)) {
      netif = inp;
    } else {
      netif = NULL;
#if !LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF
      /* Packets sent to the loopback address must not be accepted on an
       * interface that does not have the loopback address assigned to it,
       * unless a non-loopback interface is used for loopback traffic. */
      if (!ip4_addr_isloopback(ip4_current_dest_addr()))
#endif /* !LWIP_NETIF_LOOPBACK || LWIP_HAVE_LOOPIF */
      {
#if !LWIP_SINGLE_NETIF
        NETIF_FOREACH(netif) {
          if (netif == inp) {
            /* we checked that before already */
            continue;
          }
          if (ip4_input_accept(netif)) {
            break;
          }
        }
#endif /* !LWIP_SINGLE_NETIF */
      }
    }


On a system using ethernet_input, I cannot really see any reason whatsoever
why the complete list of netifs should be searched to find an interface that
would accept the packet if the input netif does not. But I assume (hope!?)
there is some reason for that code to exist?




    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/bugs/?60607>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/
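
The selection behaviour described in the report, as a simplified stand-alone C model. This is an added example, not lwIP source and not part of the original message. The struct, the function names, the addresses and the strict variant are assumptions for illustration, and the loopback check is omitted.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a netif; names are hypothetical, not lwIP's. */
struct model_netif {
  const char *name;
  uint32_t addr; /* host byte order; 0 = no address yet (DHCP pending) */
  uint32_t mask;
  int up;
  struct model_netif *next;
};

#define IP4(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Accept if the netif is up, has an address, and dest is that address,
 * the limited broadcast or the subnet broadcast. */
static int model_accept(const struct model_netif *n, uint32_t dest) {
  if (!n->up || n->addr == 0) return 0;
  return dest == n->addr || dest == 0xFFFFFFFFu ||
         dest == ((n->addr & n->mask) | ~n->mask);
}

/* Behaviour described in the report: try inp, then walk every other netif. */
static struct model_netif *select_with_fallback(struct model_netif *list,
    struct model_netif *inp, uint32_t dest) {
  struct model_netif *n;
  if (model_accept(inp, dest)) return inp;
  for (n = list; n != NULL; n = n->next) {
    if (n != inp && model_accept(n, dest)) return n;
  }
  return NULL;
}

/* Assumed alternative for comparison: only the receiving netif may accept. */
static struct model_netif *select_strict(struct model_netif *inp, uint32_t dest) {
  return model_accept(inp, dest) ? inp : NULL;
}

/* Constructed scenario: eth0 is up without an address, eth1 is configured. */
static struct model_netif eth1 = { "eth1", IP4(192, 168, 1, 10), IP4(255, 255, 255, 0), 1, NULL };
static struct model_netif eth0 = { "eth0", 0, 0, 1, &eth1 };

int main(void) {
  struct model_netif *a = select_with_fallback(&eth0, &eth0, 0xFFFFFFFFu);
  struct model_netif *b = select_strict(&eth0, 0xFFFFFFFFu);
  printf("fallback: %s, strict: %s\n", a ? a->name : "drop", b ? b->name : "drop");
  return 0;
}
```

In this model a limited broadcast received on eth0 is attributed to eth1 by the fallback walk, while the strict variant drops it.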



