[Qemu-devel] [PATCH 1/2] Fix slirp udp source address contamination

[Jason Wessel]

When using slirp the "special address" translation should only be
used when the source address is the loopback, else the udp packets
show up with the wrong source address and cannot be routed back to the
original source by applications running inside the QEMU instance.

The problem can be observed by using kgdboe from inside QEMU where you
add a port redirection with slirp networking such as "-redir
udp:4445::6443".  Using a second host or connecting gdb to the IP
address address of the host that the QEMU instance is running on
instead of using the loopback address will fail because the source
address will get translated when it goes through the redirection.

With the patch, you can connect to kgdboe via the loopback on port
4445 or from another host.

Signed-off-by: Jason Wessel <address@hidden>
---
 slirp/udp.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/slirp/udp.c b/slirp/udp.c
index c48923b..0dd7da6 100644
--- a/slirp/udp.c
+++ b/slirp/udp.c
@@ -318,7 +318,8 @@ int udp_output(struct socket *so, struct mbuf *m,
     struct sockaddr_in saddr, daddr;
 
     saddr = *addr;
-    if ((so->so_faddr.s_addr & htonl(0xffffff00)) == special_addr.s_addr) {
+    if ((so->so_faddr.s_addr & htonl(0xffffff00)) == special_addr.s_addr &&
+        addr->sin_addr.s_addr == htonl(0x7f000001)) {
         saddr.sin_addr.s_addr = so->so_faddr.s_addr;
         if ((so->so_faddr.s_addr & htonl(0x000000ff)) == htonl(0xff))
             saddr.sin_addr.s_addr = alias_addr.s_addr;
-- 
1.5.4