|
From: | Bessone Danilo |
Subject: | R: RE : [lwip-users] Ping target ip address with a packet data bigthan 1500 |
Date: | Fri, 23 Nov 2007 10:38:42 +0100 |
Hi, I have encountered your
same problem. I made a little change at
the function pbuf_alloc() (pbuf.c file): Original (1.2.0 version),
line 254: /* make the payload
pointer point 'offset' bytes into pbuf data memory */ p->payload =
MEM_ALIGN((void *)((u8_t *)p + (sizeof(struct pbuf) + offset)));
LWIP_ASSERT("pbuf_alloc: pbuf p->payload properly aligned",
((mem_ptr_t)p->payload % MEM_ALIGNMENT) == 0); /* the total length
of the pbuf chain is the requested size */ p->tot_len =
length; /* set the length of
the first pbuf in the chain */ p->len = length
> PBUF_POOL_BUFSIZE - offset? PBUF_POOL_BUFSIZE - offset: length; /* set reference
count (needed here in case we fail) */ p->ref = 1; After the change
(modified or added lines maked with ‘=>’): /* make the
payload pointer point 'offset' bytes into pbuf data memory */ => p->payload =
MEM_ALIGN((void *)((u8_t *)p + sizeof(struct pbuf))); => p->payload =
MEM_ALIGN((void *)((u8_t *)p->payload + offset)); => offset = (u8_t
*) p->payload - (u8_t *)MEM_ALIGN((void *)((u8_t *)p + sizeof(struct
pbuf))); LWIP_ASSERT("pbuf_alloc:
pbuf p->payload properly aligned", ((mem_ptr_t)p->payload
% MEM_ALIGNMENT) == 0); /* the total length
of the pbuf chain is the requested size */ p->tot_len =
length; /* set the length of
the first pbuf in the chain */ p->len = length
> PBUF_POOL_BUFSIZE - offset? PBUF_POOL_BUFSIZE - offset: length; /* set reference
count (needed here in case we fail) */ p->ref = 1; In my opinion in the
original version the value assigned to p->len can be too large
(p->payload + p->len > p->next) and can cause writing, and
corruption, of data located at address beyond the top border of the allocated
pbuf. Now it work. I am not a lwIP expert so
I cannot guarantee if this modify work on cases different from mine. Regards, Danilo Da: address@hidden
[mailto:address@hidden Per conto di address@hidden Thanks for your reply, ping 192.168.2.13 -l 1400 lwip debug imformation is: pbuf_alloc(length=1442) 0x2a8c0, 0xd000000) when command is: ping 192.168.2.13 -l 1500 debug information is: pbuf_alloc(length=1514) then, it doesn't works!
Hi, Thank you to report these little problems.
I just fix 1), 2) and 3). About 4), when you said a "1500
data packet", do you talk about the ICMP payload, or the whole frame ?
(perhaps post a capture file to be sure). I remember there was a change on ICMP
processing for such case. I will take a look this evening... ==================================== P Avant d'imprimer, penser à l'environnement
--------------------------------------------------------------------
CONFIDENTIALITY NOTICE This message and its attachments are addressed solely to the persons above and may contain confidential information. If you have received the message in error, be informed that any use of the content hereof is prohibited. Please return it immediately to the sender and delete the message. Should you have any questions, please contact us by replying to address@hidden. Thank you www.telecomitalia.it -------------------------------------------------------------------- |
[Prev in Thread] | Current Thread | [Next in Thread] |