From 787d3210186ed1c1d0479fd7c0cc0ca6256380ff Mon Sep 17 00:00:00 2001
From: Mike Karels <karels@ucbvax.Berkeley.EDU>
Date: Tue, 21 Feb 1989 01:21:25 -0800
Subject: [PATCH] don't use same buffer for input and output, as that leads to
 race

SCCS-vsn: sbin/routed/input.c 5.20
SCCS-vsn: sbin/routed/main.c 5.17
SCCS-vsn: sbin/routed/trace.h 5.7
---
 usr/src/sbin/routed/input.c | 30 ++++++++++++++++--------------
 usr/src/sbin/routed/main.c  | 16 ++++++++++------
 usr/src/sbin/routed/trace.h |  8 ++++----
 3 files changed, 30 insertions(+), 24 deletions(-)

diff --git a/usr/src/sbin/routed/input.c b/usr/src/sbin/routed/input.c
index 16d94c722b..fb34398c7f 100644
--- a/usr/src/sbin/routed/input.c
+++ b/usr/src/sbin/routed/input.c
@@ -16,7 +16,7 @@
  */
 
 #ifndef lint
-static char sccsid[] = "@(#)input.c	5.19 (Berkeley) %G%";
+static char sccsid[] = "@(#)input.c	5.20 (Berkeley) %G%";
 #endif /* not lint */
 
 /*
@@ -28,8 +28,9 @@ static char sccsid[] = "@(#)input.c	5.19 (Berkeley) %G%";
 /*
  * Process a newly received packet.
  */
-rip_input(from, size)
+rip_input(from, rip, size)
 	struct sockaddr *from;
+	register struct rip *rip;
 	int size;
 {
 	register struct rt_entry *rt;
@@ -41,25 +42,25 @@ rip_input(from, size)
 	static struct sockaddr badfrom, badfrom2;
 
 	ifp = 0;
-	TRACE_INPUT(ifp, from, size);
+	TRACE_INPUT(ifp, from, (char *)rip, size);
 	if (from->sa_family >= af_max ||
 	    (afp = &afswitch[from->sa_family])->af_hash == (int (*)())0) {
 		syslog(LOG_INFO,
 	 "\"from\" address in unsupported address family (%d), cmd %d\n",
-		    from->sa_family, msg->rip_cmd);
+		    from->sa_family, rip->rip_cmd);
 		return;
 	}
-	if (msg->rip_vers == 0) {
+	if (rip->rip_vers == 0) {
 		syslog(LOG_ERR,
 		    "RIP version 0 packet received from %s! (cmd %d)",
-		    (*afswitch[from->sa_family].af_format)(from), msg->rip_cmd);
+		    (*afswitch[from->sa_family].af_format)(from), rip->rip_cmd);
 		return;
 	}
-	switch (msg->rip_cmd) {
+	switch (rip->rip_cmd) {
 
 	case RIPCMD_REQUEST:
-		n = msg->rip_nets;
-		count = size - ((char *)n - (char *)msg);
+		n = rip->rip_nets;
+		count = size - ((char *)n - (char *)rip);
 		if (count < sizeof (struct netinfo))
 			return;
 		for (; count > 0; n++) {
@@ -99,7 +100,8 @@ rip_input(from, size)
 #endif
 			n->rip_metric = htonl(n->rip_metric);
 		}
-		msg->rip_cmd = RIPCMD_RESPONSE;
+		rip->rip_cmd = RIPCMD_RESPONSE;
+		bcopy((char *)rip, packet, size);
 		(*afp->af_output)(s, 0, from, size);
 		return;
 
@@ -115,9 +117,9 @@ rip_input(from, size)
 			    (*afswitch[from->sa_family].af_format)(from));
 			return;
 		}
-		packet[size] = '\0';
-		if (msg->rip_cmd == RIPCMD_TRACEON)
-			traceon(msg->rip_tracefile);
+		((char *)rip)[size] = '\0';
+		if (rip->rip_cmd == RIPCMD_TRACEON)
+			traceon(rip->rip_tracefile);
 		else
 			traceoff();
 		return;
@@ -174,7 +176,7 @@ rip_input(from, size)
 			return;
 		}
 		size -= 4 * sizeof (char);
-		n = msg->rip_nets;
+		n = rip->rip_nets;
 		for (; size > 0; size -= sizeof (struct netinfo), n++) {
 			if (size < sizeof (struct netinfo))
 				break;
diff --git a/usr/src/sbin/routed/main.c b/usr/src/sbin/routed/main.c
index a69b8871fd..803b4a4517 100644
--- a/usr/src/sbin/routed/main.c
+++ b/usr/src/sbin/routed/main.c
@@ -22,7 +22,7 @@ char copyright[] =
 #endif /* not lint */
 
 #ifndef lint
-static char sccsid[] = "@(#)main.c	5.16 (Berkeley) %G%";
+static char sccsid[] = "@(#)main.c	5.17 (Berkeley) %G%";
 #endif /* not lint */
 
 /*
@@ -223,6 +223,7 @@ main(argc, argv)
 			continue;
 		}
 		(void) gettimeofday(&now, (struct timezone *)NULL);
+		omask = sigblock(sigmask(SIGALRM));
 #ifdef doesntwork
 /*
 printf("s %d, ibits %x index %d, mod %d, sh %x, or %x &ibits %x\n",
@@ -241,6 +242,7 @@ printf("s %d, ibits %x index %d, mod %d, sh %x, or %x &ibits %x\n",
 #endif
 			process(s);
 		/* handle ICMP redirects */
+		sigsetmask(omask);
 	}
 }
 
@@ -270,11 +272,15 @@ process(fd)
 	int fd;
 {
 	struct sockaddr from;
-	int fromlen, cc, omask;
+	int fromlen, cc;
+	union {
+		char	buf[MAXPACKETSIZE+1];
+		struct	rip rip;
+	} inbuf;
 
 	for (;;) {
 		fromlen = sizeof (from);
-		cc = recvfrom(fd, packet, sizeof (packet), 0, &from, &fromlen);
+		cc = recvfrom(fd, &inbuf, sizeof (inbuf), 0, &from, &fromlen);
 		if (cc <= 0) {
 			if (cc < 0 && errno != EWOULDBLOCK)
 				perror("recvfrom");
@@ -282,9 +288,7 @@ process(fd)
 		}
 		if (fromlen != sizeof (struct sockaddr_in))
 			break;
-		omask = sigblock(sigmask(SIGALRM));
-		rip_input(&from, cc);
-		sigsetmask(omask);
+		rip_input(&from, &inbuf.rip, cc);
 	}
 }
 
diff --git a/usr/src/sbin/routed/trace.h b/usr/src/sbin/routed/trace.h
index cbf04785b1..1582c088bd 100644
--- a/usr/src/sbin/routed/trace.h
+++ b/usr/src/sbin/routed/trace.h
@@ -14,7 +14,7 @@
  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  *
- *	@(#)trace.h	5.6 (Berkeley) %G%
+ *	@(#)trace.h	5.7 (Berkeley) %G%
  */
 
 /*
@@ -62,15 +62,15 @@ FILE	*ftrace;		/* output trace file */
 	  if (traceactions) \
 		tracenewmetric(ftrace, route, newmetric); \
 	}
-#define	TRACE_INPUT(ifp, src, size) { \
+#define	TRACE_INPUT(ifp, src, pack, size) { \
 	  if (tracehistory) { \
 		ifp = if_iflookup(src); \
 		if (ifp) \
-			trace(&ifp->int_input, src, packet, size, \
+			trace(&ifp->int_input, src, pack, size, \
 				ntohl(ifp->int_metric)); \
 	  } \
 	  if (tracepackets) \
-		dumppacket(ftrace, "from", src, packet, size, &now); \
+		dumppacket(ftrace, "from", src, pack, size, &now); \
 	}
 #define	TRACE_OUTPUT(ifp, dst, size) { \
 	  if (tracehistory && ifp) \
-- 
2.20.1