NetBSD Problem Report #55179

From www@netbsd.org  Wed Apr 15 10:17:25 2020
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 308721A9219
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 15 Apr 2020 10:17:25 +0000 (UTC)
Message-Id: <20200415101724.0BF411A924B@mollari.NetBSD.org>
Date: Wed, 15 Apr 2020 10:17:24 +0000 (UTC)
From: hashikaw@mail.ru
Reply-To: hashikaw@mail.ru
To: gnats-bugs@NetBSD.org
Subject: ipfilter ip_state.c's problem
X-Send-Pr-Version: www-1.0

>Number:         55179
>Category:       kern
>Synopsis:       ipfilter ip_state.c's problem
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Apr 15 10:20:00 +0000 2020
>Last-Modified:  Sat Feb 27 14:10:01 +0000 2021
>Originator:     Kouichi Hashikawa
>Release:        9.0-RELEASE
>Organization:
>Environment:
NetBSD kalinka 9.0 NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020  mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
I think dp = ntohs(fin->fin_dport) may be dp = htons(fin->fin_dport),
at src/sys/external/bsd/ipf/netinet/ip_state.c:2414.
(but, same result)


--------
        sp = 0;
        dp = 0; 

        if (tcp != NULL) {
                sp = htons(fin->fin_sport);
                dp = ntohs(fin->fin_dport);
        }
...
        if (rev == 0) {
                if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) &&
                    (IP6_EQ(&is->is_src, src) || (flags & SI_W_SADDR))) {
                        if (tcp) {
                                if ((sp == is->is_sport || flags & SI_W_SPORT)
                                    &&
                                    (dp == is->is_dport || flags & SI_W_DPORT))
                                        ret = 1;

--------

>How-To-Repeat:
always
>Fix:
I think following patch will fix problem.
(and replace fin_sport, fin_dpost to fin_data, used only one time
at ip_state.c)


--- ip_state.c-dist     2020-01-12 16:09:10.000000000 +0900
+++ ip_state.c          2020-04-15 00:47:19.333611016 +0900
@@ -2410,8 +2410,8 @@
        dp = 0;

        if (tcp != NULL) {
-               sp = htons(fin->fin_sport);
-               dp = ntohs(fin->fin_dport);
+               sp = htons(fin->fin_data[0]);
+               dp = htons(fin->fin_data[1]);
        }
        if (!rev) {
                if (tcp != NULL) {

>Release-Note:

>Audit-Trail:
From: =?UTF-8?B?S291aWNoaSBIYXNoaWthd2E=?= <hashikaw@mail.ru>
To: gnats-bugs@netbsd.org
Cc: kern-bug-people@netbsd.org,
	gnats-admin@netbsd.org,
	netbsd-bugs@netbsd.org
Subject: Re: kern/55179: ipfilter ip_state.c's problem
Date: Sat, 18 Apr 2020 03:04:14 +0300



  Sorry, the reason I think this is a problem, comparing same value (is->is_sport or is->dport) to
  sp (htons) or dp (ntohs).

  --------
          if (tcp != NULL) {
                  sp = htons(fin->fin_sport);
                  dp = ntohs(fin->fin_dport);
          }
  ...
          /*
           * Match addresses and ports.
           */
          if (rev == 0) {
                  if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) &&
                      (IP6_EQ(&is->is_src, src) || (flags & SI_W_SADDR))) {
                          if (tcp) {
                                  if ((sp == is->is_sport || flags & SI_W_SPORT)                 <-------
                                      &&
                                      (dp == is->is_dport || flags & SI_W_DPORT))                <-------
                                          ret = 1;
                          } else {
                                  ret = 1;
                          }
                  }
          } else {
                  if ((IP6_EQ(&is->is_dst, src) || (flags & SI_W_DADDR)) &&
                      (IP6_EQ(&is->is_src, dst) || (flags & SI_W_SADDR))) {
                          if (tcp) {
                                  if ((dp == is->is_sport || flags & SI_W_SPORT)                <-------
                                      &&
                                      (sp == is->is_dport || flags & SI_W_DPORT))                <-------
                                          ret = 1;
                          } else {
                                  ret = 1;
                          }
                  }
          }
   -------- 
  >Wednesday, April 15, 2020 7:20 PM +09:00 from gnats-admin@netbsd.org:
  > 
  >Thank you very much for your problem report.
  >It has the internal identification `kern/55179'.
  >The individual assigned to look at your
  >report is: kern-bug-people.
  > 
  >>Category: kern
  >>Responsible: kern-bug-people
  >>Synopsis: ipfilter ip_state.c's problem
  >>Arrival-Date: Wed Apr 15 10:20:00  +0000 2020 


  --
  Kouichi Hashikawa <hashikaw@mail.ru>





From: Christos Zoulas <christos@zoulas.com>
To: Kouichi Hashikawa <hashikaw@mail.ru>
Cc: gnats-bugs@netbsd.org,
 kern-bug-people@netbsd.org,
 gnats-admin@netbsd.org,
 netbsd-bugs@netbsd.org
Subject: Re: kern/55179: ipfilter ip_state.c's problem
Date: Sat, 18 Apr 2020 13:03:47 -0400

 --Apple-Mail=_E0EC186C-1253-4CDE-874B-32FE8B433C4D
 Content-Type: multipart/alternative;
 	boundary="Apple-Mail=_206AB399-EB41-4E53-A2E5-B7F864DF6CE6"


 --Apple-Mail=_206AB399-EB41-4E53-A2E5-B7F864DF6CE6
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/plain;
 	charset=utf-8

 I think this is correct: sp, dp are in network byte order and so is:
 % fgrep is_sport\ =3D *.c
 ip_state.c:             is->is_sport =3D htons(fin->fin_data[0]);
 ip_state.c:             is->is_sport =3D htons(fin->fin_data[0]);
 ip_state.c:                             is->is_sport =3D sp;
 ip_state.c:                             is->is_sport =3D dp;

 I fixed the inconsistency the the tcp !=3D NULL case, but that's =
 cosmetic.

 christos




 > On Apr 17, 2020, at 8:04 PM, Kouichi Hashikawa <hashikaw@mail.ru> =
 wrote:
 >=20
 >=20
 >=20
 > Sorry, the reason I think this is a problem, comparing same value =
 (is->is_sport or is->dport) to
 >=20
 > sp (htons) or dp (ntohs).
 >=20
 >=20
 >=20
 > --------
 >=20
 >         if (tcp !=3D NULL) {
 >                 sp =3D htons(fin->fin_sport);
 >                 dp =3D ntohs(fin->fin_dport);
 >         }
 >=20
 > =E2=80=A6
 >=20
 >         /*
 >          * Match addresses and ports.
 >          */
 >         if (rev =3D=3D 0) {
 >                 if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) =
 &&
 >                     (IP6_EQ(&is->is_src, src) || (flags & =
 SI_W_SADDR))) {
 >=20
 >                         if (tcp) {
 >                                 if ((sp =3D=3D is->is_sport || flags & =
 SI_W_SPORT)                 <-------
 >                                     &&
 >                                     (dp =3D=3D is->is_dport || flags & =
 SI_W_DPORT))                <-------
 >                                         ret =3D 1;
 >=20
 >                         } else {
 >                                 ret =3D 1;
 >                         }
 >                 }
 >         } else {
 >                 if ((IP6_EQ(&is->is_dst, src) || (flags & SI_W_DADDR)) =
 &&
 >                     (IP6_EQ(&is->is_src, dst) || (flags & =
 SI_W_SADDR))) {
 >                         if (tcp) {
 >                                 if ((dp =3D=3D is->is_sport || flags & =
 SI_W_SPORT)                <-------
 >                                     &&
 >                                     (sp =3D=3D is->is_dport || flags & =
 SI_W_DPORT))                <-------
 >                                         ret =3D 1;
 >                         } else {
 >                                 ret =3D 1;
 >                         }
 >                 }
 >         }
 >=20
 >  --------
 >=20
 >=20
 >=20
 >=20
 >=20
 > Wednesday, April 15, 2020 7:20 PM +09:00 from gnats-admin@netbsd.org:
 > Thank you very much for your problem report.
 > It has the internal identification `kern/55179'.
 > The individual assigned to look at your
 > report is: kern-bug-people.
 >=20
 >=20
 > >Category: kern
 > >Responsible: kern-bug-people
 > >Synopsis: ipfilter ip_state.c's problem
 > >Arrival-Date: Wed Apr 15 10:20:00 +0000 2020
 >=20
 >=20
 >=20
 >=20
 >=20
 >=20
 >=20
 > --
 > Kouichi Hashikawa <hashikaw@mail.ru>
 >=20
 >=20
 >=20
 >=20
 >=20
 >=20
 > <sanitizer.log>


 --Apple-Mail=_206AB399-EB41-4E53-A2E5-B7F864DF6CE6
 Content-Transfer-Encoding: quoted-printable
 Content-Type: text/html;
 	charset=utf-8

 <html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
 charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
 -webkit-nbsp-mode: space; line-break: after-white-space;" class=3D"">I =
 think this is correct: sp, dp are in network byte order and so is:<div =
 class=3D"">% fgrep is_sport\ =3D *.c</div><div class=3D"">ip_state.c: =
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D =
 htons(fin-&gt;fin_data[0]);<div class=3D"">ip_state.c: &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D =
 htons(fin-&gt;fin_data[0]);</div><div class=3D"">ip_state.c: &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D sp;</div><div =
 class=3D"">ip_state.c: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D =
 dp;</div><div class=3D""><br class=3D""></div><div class=3D"">I fixed =
 the inconsistency the the tcp !=3D NULL case, but that's =
 cosmetic.</div><div class=3D""><br class=3D""></div><div =
 class=3D"">christos</div><div class=3D""><br class=3D""></div><div =
 class=3D""><br class=3D""></div><div class=3D""><br =
 class=3D""></div><div><br class=3D""><blockquote type=3D"cite" =
 class=3D""><div class=3D"">On Apr 17, 2020, at 8:04 PM, Kouichi =
 Hashikawa &lt;<a href=3D"mailto:hashikaw@mail.ru" =
 class=3D"">hashikaw@mail.ru</a>&gt; wrote:</div><br =
 class=3D"Apple-interchange-newline"><div class=3D"">
 <div class=3D""><p class=3D""><defanged_div =
 class=3D""></defanged_div></p><p class=3D""><defanged_div =
 class=3D"">&nbsp;</defanged_div></p><defanged_div class=3D""><p =
 class=3D""><defanged_div class=3D"">Sorry, the reason I think this is a =
 problem, comparing same value (is-&gt;is_sport or is-&gt;dport) =
 to</defanged_div></p><defanged_div class=3D""><p class=3D""><defanged_div =
 class=3D"">sp (htons) or dp (ntohs).</defanged_div></p><defanged_div =
 class=3D""><p class=3D""><defanged_div =
 class=3D"">&nbsp;</defanged_div></p><defanged_div class=3D""><p =
 class=3D""><defanged_div =
 class=3D"">--------</defanged_div></p><defanged_div class=3D""><p =
 class=3D""><defanged_div class=3D""></defanged_div></p><p =
 class=3D""><defanged_div =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (tcp !=3D NULL) =
 {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; sp =3D htons(fin-&gt;fin_sport);<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; dp =3D ntohs(fin-&gt;fin_dport);<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 }</defanged_div></p><defanged_div class=3D""><p class=3D""><defanged_div =
 class=3D"">=E2=80=A6</defanged_div></p><defanged_div class=3D""><p =
 class=3D""><defanged_div class=3D""></defanged_div></p><p =
 class=3D""><defanged_div =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /*<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; * Match =
 addresses and ports.<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; */<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (rev =3D=3D 0) =
 {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; if ((IP6_EQ(&amp;is-&gt;is_dst, dst) || =
 (flags &amp; SI_W_DADDR)) &amp;&amp;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 (IP6_EQ(&amp;is-&gt;is_src, src) || (flags &amp; SI_W_SADDR))) =
 {</defanged_div></p><defanged_div class=3D""><p class=3D""><defanged_div =
 class=3D""></defanged_div></p><p class=3D""><defanged_div =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; if (tcp) {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((sp =3D=3D =
 is-&gt;is_sport || flags &amp; SI_W_SPORT)&nbsp; &nbsp; &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 &amp;&amp;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 (dp =3D=3D is-&gt;is_dport || flags &amp; SI_W_DPORT)) &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nbsp;&nbsp;&nbsp;&nbsp; ret =3D 1;</defanged_div></p><defanged_div =
 class=3D""><p class=3D""><defanged_div class=3D""></defanged_div></p><p =
 class=3D""><defanged_div =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; } else {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ret =3D 1;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; }<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; }<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; } else {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; if ((IP6_EQ(&amp;is-&gt;is_dst, src) || =
 (flags &amp; SI_W_DADDR)) &amp;&amp;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 (IP6_EQ(&amp;is-&gt;is_src, dst) || (flags &amp; SI_W_SADDR))) {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; if (tcp) {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((dp =3D=3D =
 is-&gt;is_sport || flags &amp; SI_W_SPORT) &nbsp; &nbsp; &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 &amp;&amp;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 (sp =3D=3D is-&gt;is_dport || flags &amp; SI_W_DPORT)) &nbsp; &nbsp; =
 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nbsp;&nbsp;&nbsp;&nbsp; ret =3D 1;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; } else {<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ret =3D 1;<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 ; }<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
 sp;&nbsp;&nbsp;&nbsp;&nbsp; }<br =
 class=3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
 }</defanged_div></p><defanged_div class=3D""><p class=3D""><defanged_div =
 class=3D"">&nbsp;--------</defanged_div></p><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><div class=3D""><br =
 class=3D"webkit-block-placeholder"></div><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><div class=3D""><br =
 class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><blockquote data-darkreader-inline-border-left=3D"" =
 defanged_style=3D"border-left: 1px solid rgb(8, 87, 166); margin: 10px; =
 padding: 0px 0px 0px 10px; --darkreader-inline-border-left:#0a6cce;" =
 class=3D"">Wednesday, April 15, 2020 7:20 PM +09:00 from <a =
 href=3D"mailto:gnats-admin@netbsd.org" =
 class=3D"">gnats-admin@netbsd.org</a>:<br class=3D""><p =
 class=3D""><defanged_div id=3D"" class=3D""></defanged_div></p><p =
 class=3D""><defanged_div class=3D"js-helper =
 js-readmsg-msg"><defanged_style type=3D"text/css" =
 class=3D""></defanged_style><defanged_style class=3D"darkreader =
 darkreader--sync" media=3D"screen" =
 type=3D"text/css"></defanged_style></defanged_div></p><p =
 class=3D""><defanged_div class=3D""></defanged_div></p><p =
 class=3D""><defanged_div id=3D"style_15869460051008274250_BODY" =
 class=3D"">Thank you very much for your problem report.<br class=3D"">It =
 has the internal identification `kern/55179'.<br class=3D"">The =
 individual assigned to look at your<br class=3D"">report is: =
 kern-bug-people.<br class=3D"">&nbsp;</defanged_div></p><p =
 class=3D""><defanged_div class=3D"mail-quote-collapse">&gt;Category: =
 kern<br class=3D"">&gt;Responsible: kern-bug-people<br =
 class=3D"">&gt;Synopsis: ipfilter ip_state.c's problem<br =
 class=3D"">&gt;Arrival-Date: Wed Apr 15 10:20:00 <defanged_span =
 class=3D"js-phone-number">+0000 =
 2020</defanged_span></defanged_div></p><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><div class=3D""><br =
 class=3D"webkit-block-placeholder"></div><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><div class=3D""><br =
 class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""></defanged_div></defanged_div></defanged_div></defanged_div></d=
 efanged_div></blockquote><p class=3D""><defanged_div =
 class=3D"">&nbsp;</defanged_div></p><defanged_div class=3D""><p =
 class=3D""><defanged_div data-signature-widget=3D"container" =
 class=3D""></defanged_div></p><p class=3D""><defanged_div =
 data-signature-widget=3D"content" class=3D""></defanged_div></p><p =
 class=3D""><defanged_div class=3D"">--<br class=3D"">Kouichi Hashikawa =
 &lt;<a href=3D"mailto:hashikaw@mail.ru" =
 class=3D"">hashikaw@mail.ru</a>&gt;</defanged_div></p><defanged_div =
 class=3D""><div class=3D""><br =
 class=3D"webkit-block-placeholder"></div><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""><p class=3D""><defanged_div =
 class=3D"">&nbsp;</defanged_div></p><defanged_div class=3D""><div =
 class=3D""><br class=3D"webkit-block-placeholder"></div><defanged_div =
 class=3D""></defanged_div></defanged_div></defanged_div></defanged_div></d=
 efanged_div></defanged_div></defanged_div></defanged_div></defanged_div></=
 defanged_div></defanged_div></defanged_div></defanged_div></defanged_div><=
 /defanged_div></defanged_div></defanged_div></defanged_div></defanged_div>=
 </defanged_div></defanged_div></div>
 <span =
 id=3D"cid:05CE5A54-6742-4D5F-90FD-A5B537FA78BF@astron.com">&lt;sanitizer.l=
 og&gt;</span></div></blockquote></div><br class=3D""></div></body></html>=

 --Apple-Mail=_206AB399-EB41-4E53-A2E5-B7F864DF6CE6--

 --Apple-Mail=_E0EC186C-1253-4CDE-874B-32FE8B433C4D
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
 	filename=signature.asc
 Content-Type: application/pgp-signature;
 	name=signature.asc
 Content-Description: Message signed with OpenPGP

 -----BEGIN PGP SIGNATURE-----
 Comment: GPGTools - http://gpgtools.org

 iF0EARECAB0WIQS+BJlbqPkO0MDBdsRxESqxbLM7OgUCXpsy8wAKCRBxESqxbLM7
 OsqFAJ9ufExhBibWE0rzTP9F2EDhT/BSNwCeIT6SUdjY9eCKYI/YfIMjuuyUExY=
 =vfYB
 -----END PGP SIGNATURE-----

 --Apple-Mail=_E0EC186C-1253-4CDE-874B-32FE8B433C4D--

From: Kouichi Hashikawa <hashikaw@mail.ru>
To: gnats-bugs@netbsd.org
Cc: kern-bug-people@netbsd.org, gnats-admin@netbsd.org,
 netbsd-bugs@netbsd.org
Subject: Re: kern/55179: ipfilter ip_state.c's problem
Date: Fri, 15 May 2020 06:28:36 +0900

 Thank you.
 Please close this PR.
 And please pull-up to 9 branch.

 --=20
 Kouichi Hashikawa <hashikaw@mail.ru>

 > 2020/04/19 2:05=E3=80=81Christos Zoulas <christos@zoulas.com>=E3=81=AE=E3=83=
 =A1=E3=83=BC=E3=83=AB:
 >=20
 > =EF=BB=BFThe following reply was made to PR kern/55179; it has been noted b=
 y GNATS.
 >=20
 > From: Christos Zoulas <christos@zoulas.com>
 > To: Kouichi Hashikawa <hashikaw@mail.ru>
 > Cc: gnats-bugs@netbsd.org,
 > kern-bug-people@netbsd.org,
 > gnats-admin@netbsd.org,
 > netbsd-bugs@netbsd.org
 > Subject: Re: kern/55179: ipfilter ip_state.c's problem
 > Date: Sat, 18 Apr 2020 13:03:47 -0400
 >=20
 > --Apple-Mail=3D_E0EC186C-1253-4CDE-874B-32FE8B433C4D
 > Content-Type: multipart/alternative;
 >    boundary=3D"Apple-Mail=3D_206AB399-EB41-4E53-A2E5-B7F864DF6CE6"
 >=20
 >=20
 > --Apple-Mail=3D_206AB399-EB41-4E53-A2E5-B7F864DF6CE6
 > Content-Transfer-Encoding: quoted-printable
 > Content-Type: text/plain;
 >    charset=3Dutf-8
 >=20
 > I think this is correct: sp, dp are in network byte order and so is:
 > % fgrep is_sport\ =3D3D *.c
 > ip_state.c:             is->is_sport =3D3D htons(fin->fin_data[0]);
 > ip_state.c:             is->is_sport =3D3D htons(fin->fin_data[0]);
 > ip_state.c:                             is->is_sport =3D3D sp;
 > ip_state.c:                             is->is_sport =3D3D dp;
 >=20
 > I fixed the inconsistency the the tcp !=3D3D NULL case, but that's =3D
 > cosmetic.
 >=20
 > christos
 >=20
 >=20
 >=20
 >=20
 >>> On Apr 17, 2020, at 8:04 PM, Kouichi Hashikawa <hashikaw@mail.ru> =3D
 >> wrote:
 >> =3D20
 >> =3D20
 >> =3D20
 >> Sorry, the reason I think this is a problem, comparing same value =3D
 > (is->is_sport or is->dport) to
 >> =3D20
 >> sp (htons) or dp (ntohs).
 >> =3D20
 >> =3D20
 >> =3D20
 >> --------
 >> =3D20
 >>        if (tcp !=3D3D NULL) {
 >>                sp =3D3D htons(fin->fin_sport);
 >>                dp =3D3D ntohs(fin->fin_dport);
 >>        }
 >> =3D20
 >> =3DE2=3D80=3DA6
 >> =3D20
 >>        /*
 >>         * Match addresses and ports.
 >>         */
 >>        if (rev =3D3D=3D3D 0) {
 >>                if ((IP6_EQ(&is->is_dst, dst) || (flags & SI_W_DADDR)) =3D=

 > &&
 >>                    (IP6_EQ(&is->is_src, src) || (flags & =3D
 > SI_W_SADDR))) {
 >> =3D20
 >>                        if (tcp) {
 >>                                if ((sp =3D3D=3D3D is->is_sport || flags &=
  =3D
 > SI_W_SPORT)                 <-------
 >>                                    &&
 >>                                    (dp =3D3D=3D3D is->is_dport || flags &=
  =3D
 > SI_W_DPORT))                <-------
 >>                                        ret =3D3D 1;
 >> =3D20
 >>                        } else {
 >>                                ret =3D3D 1;
 >>                        }
 >>                }
 >>        } else {
 >>                if ((IP6_EQ(&is->is_dst, src) || (flags & SI_W_DADDR)) =3D=

 > &&
 >>                    (IP6_EQ(&is->is_src, dst) || (flags & =3D
 > SI_W_SADDR))) {
 >>                        if (tcp) {
 >>                                if ((dp =3D3D=3D3D is->is_sport || flags &=
  =3D
 > SI_W_SPORT)                <-------
 >>                                    &&
 >>                                    (sp =3D3D=3D3D is->is_dport || flags &=
  =3D
 > SI_W_DPORT))                <-------
 >>                                        ret =3D3D 1;
 >>                        } else {
 >>                                ret =3D3D 1;
 >>                        }
 >>                }
 >>        }
 >> =3D20
 >> --------
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> Wednesday, April 15, 2020 7:20 PM +09:00 from gnats-admin@netbsd.org:
 >> Thank you very much for your problem report.
 >> It has the internal identification `kern/55179'.
 >> The individual assigned to look at your
 >> report is: kern-bug-people.
 >> =3D20
 >> =3D20
 >>> Category: kern
 >>> Responsible: kern-bug-people
 >>> Synopsis: ipfilter ip_state.c's problem
 >>> Arrival-Date: Wed Apr 15 10:20:00 +0000 2020
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> --
 >> Kouichi Hashikawa <hashikaw@mail.ru>
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> =3D20
 >> <sanitizer.log>
 >=20
 >=20
 > --Apple-Mail=3D_206AB399-EB41-4E53-A2E5-B7F864DF6CE6
 > Content-Transfer-Encoding: quoted-printable
 > Content-Type: text/html;
 >    charset=3Dutf-8
 >=20
 > <html><head><meta http-equiv=3D3D"Content-Type" content=3D3D"text/html; =3D=

 > charset=3D3Dutf-8"></head><body style=3D3D"word-wrap: break-word; =3D
 > -webkit-nbsp-mode: space; line-break: after-white-space;" class=3D3D"">I =3D=

 > think this is correct: sp, dp are in network byte order and so is:<div =3D=

 > class=3D3D"">% fgrep is_sport\ =3D3D *.c</div><div class=3D3D"">ip_state.c=
 : =3D
 > &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D3D =3D
 > htons(fin-&gt;fin_data[0]);<div class=3D3D"">ip_state.c: &nbsp; &nbsp; =3D=

 > &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D3D =3D
 > htons(fin-&gt;fin_data[0]);</div><div class=3D3D"">ip_state.c: &nbsp; =3D
 > &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; =3D
 > &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D3D sp;</div><div =3D
 > class=3D3D"">ip_state.c: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; =3D=

 > &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; is-&gt;is_sport =3D3D =3D=

 > dp;</div><div class=3D3D""><br class=3D3D""></div><div class=3D3D"">I fixe=
 d =3D
 > the inconsistency the the tcp !=3D3D NULL case, but that's =3D
 > cosmetic.</div><div class=3D3D""><br class=3D3D""></div><div =3D
 > class=3D3D"">christos</div><div class=3D3D""><br class=3D3D""></div><div =3D=

 > class=3D3D""><br class=3D3D""></div><div class=3D3D""><br =3D
 > class=3D3D""></div><div><br class=3D3D""><blockquote type=3D3D"cite" =3D
 > class=3D3D""><div class=3D3D"">On Apr 17, 2020, at 8:04 PM, Kouichi =3D
 > Hashikawa &lt;<a href=3D3D"mailto:hashikaw@mail.ru" =3D
 > class=3D3D"">hashikaw@mail.ru</a>&gt; wrote:</div><br =3D
 > class=3D3D"Apple-interchange-newline"><div class=3D3D"">
 > <div class=3D3D""><p class=3D3D""><defanged_div =3D
 > class=3D3D""></defanged_div></p><p class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;</defanged_div></p><defanged_div class=3D3D""><p =3D
 > class=3D3D""><defanged_div class=3D3D"">Sorry, the reason I think this is a=
  =3D
 > problem, comparing same value (is-&gt;is_sport or is-&gt;dport) =3D
 > to</defanged_div></p><defanged_div class=3D3D""><p class=3D3D""><defanged_=
 div =3D
 > class=3D3D"">sp (htons) or dp (ntohs).</defanged_div></p><defanged_div =3D=

 > class=3D3D""><p class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;</defanged_div></p><defanged_div class=3D3D""><p =3D
 > class=3D3D""><defanged_div =3D
 > class=3D3D"">--------</defanged_div></p><defanged_div class=3D3D""><p =3D
 > class=3D3D""><defanged_div class=3D3D""></defanged_div></p><p =3D
 > class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (tcp !=3D3D NUL=
 L) =3D
 > {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; sp =3D3D htons(fin-&gt;fin_sport);<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; dp =3D3D ntohs(fin-&gt;fin_dport);<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D
 > }</defanged_div></p><defanged_div class=3D3D""><p class=3D3D""><defanged_d=
 iv =3D
 > class=3D3D"">=3DE2=3D80=3DA6</defanged_div></p><defanged_div class=3D3D"">=
 <p =3D
 > class=3D3D""><defanged_div class=3D3D""></defanged_div></p><p =3D
 > class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /*<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; * Match =3D
 > addresses and ports.<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; */<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (rev =3D3D=3D3D=
  0) =3D
 > {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; if ((IP6_EQ(&amp;is-&gt;is_dst, dst) || =3D
 > (flags &amp; SI_W_DADDR)) &amp;&amp;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D
 > (IP6_EQ(&amp;is-&gt;is_src, src) || (flags &amp; SI_W_SADDR))) =3D
 > {</defanged_div></p><defanged_div class=3D3D""><p class=3D3D""><defanged_d=
 iv =3D
 > class=3D3D""></defanged_div></p><p class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; if (tcp) {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((sp =3D3D=3D3D =3D
 > is-&gt;is_sport || flags &amp; SI_W_SPORT)&nbsp; &nbsp; &nbsp; &nbsp; =3D
 > &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D=

 > &amp;&amp;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D=

 > (dp =3D3D=3D3D is-&gt;is_dport || flags &amp; SI_W_DPORT)) &nbsp; &nbsp; =3D=

 > &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 =3D
 > nbsp;&nbsp;&nbsp;&nbsp; ret =3D3D 1;</defanged_div></p><defanged_div =3D
 > class=3D3D""><p class=3D3D""><defanged_div class=3D3D""></defanged_div></p=
 ><p =3D
 > class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; } else {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ret =3D3D 1;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; }<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; }<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; } else {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; if ((IP6_EQ(&amp;is-&gt;is_dst, src) || =3D
 > (flags &amp; SI_W_DADDR)) &amp;&amp;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D
 > (IP6_EQ(&amp;is-&gt;is_src, dst) || (flags &amp; SI_W_SADDR))) {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; if (tcp) {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((dp =3D3D=3D3D =3D
 > is-&gt;is_sport || flags &amp; SI_W_SPORT) &nbsp; &nbsp; &nbsp; &nbsp; =3D=

 > &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D=

 > &amp;&amp;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D=

 > (sp =3D3D=3D3D is-&gt;is_dport || flags &amp; SI_W_DPORT)) &nbsp; &nbsp; =3D=

 > &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &lt;-------<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 =3D
 > nbsp;&nbsp;&nbsp;&nbsp; ret =3D3D 1;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; } else {<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ret =3D3D 1;<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
 =3D
 > ; }<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
 nb=3D
 > sp;&nbsp;&nbsp;&nbsp;&nbsp; }<br =3D
 > class=3D3D"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D
 > }</defanged_div></p><defanged_div class=3D3D""><p class=3D3D""><defanged_d=
 iv =3D
 > class=3D3D"">&nbsp;--------</defanged_div></p><defanged_div class=3D3D""><=
 div =3D
 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""><div class=3D3D""><br =3D
 > class=3D3D"webkit-block-placeholder"></div><defanged_div class=3D3D""><div=
  =3D
 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""><div class=3D3D""><br =3D
 > class=3D3D"webkit-block-placeholder"></div><defanged_div =3D
 > class=3D3D""><blockquote data-darkreader-inline-border-left=3D3D"" =3D
 > defanged_style=3D3D"border-left: 1px solid rgb(8, 87, 166); margin: 10px; =3D=

 > padding: 0px 0px 0px 10px; --darkreader-inline-border-left:#0a6cce;" =3D
 > class=3D3D"">Wednesday, April 15, 2020 7:20 PM +09:00 from <a =3D
 > href=3D3D"mailto:gnats-admin@netbsd.org" =3D
 > class=3D3D"">gnats-admin@netbsd.org</a>:<br class=3D3D""><p =3D
 > class=3D3D""><defanged_div id=3D3D"" class=3D3D""></defanged_div></p><p =3D=

 > class=3D3D""><defanged_div class=3D3D"js-helper =3D
 > js-readmsg-msg"><defanged_style type=3D3D"text/css" =3D
 > class=3D3D""></defanged_style><defanged_style class=3D3D"darkreader =3D
 > darkreader--sync" media=3D3D"screen" =3D
 > type=3D3D"text/css"></defanged_style></defanged_div></p><p =3D
 > class=3D3D""><defanged_div class=3D3D""></defanged_div></p><p =3D
 > class=3D3D""><defanged_div id=3D3D"style_15869460051008274250_BODY" =3D
 > class=3D3D"">Thank you very much for your problem report.<br class=3D3D"">=
 It =3D
 > has the internal identification `kern/55179'.<br class=3D3D"">The =3D
 > individual assigned to look at your<br class=3D3D"">report is: =3D
 > kern-bug-people.<br class=3D3D"">&nbsp;</defanged_div></p><p =3D
 > class=3D3D""><defanged_div class=3D3D"mail-quote-collapse">&gt;Category: =3D=

 > kern<br class=3D3D"">&gt;Responsible: kern-bug-people<br =3D
 > class=3D3D"">&gt;Synopsis: ipfilter ip_state.c's problem<br =3D
 > class=3D3D"">&gt;Arrival-Date: Wed Apr 15 10:20:00 <defanged_span =3D
 > class=3D3D"js-phone-number">+0000 =3D
 > 2020</defanged_span></defanged_div></p><defanged_div class=3D3D""><div =3D=

 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""><div class=3D3D""><br =3D
 > class=3D3D"webkit-block-placeholder"></div><defanged_div class=3D3D""><div=
  =3D
 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""><div class=3D3D""><br =3D
 > class=3D3D"webkit-block-placeholder"></div><defanged_div =3D
 > class=3D3D""></defanged_div></defanged_div></defanged_div></defanged_div><=
 /d=3D
 > efanged_div></blockquote><p class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;</defanged_div></p><defanged_div class=3D3D""><p =3D
 > class=3D3D""><defanged_div data-signature-widget=3D3D"container" =3D
 > class=3D3D""></defanged_div></p><p class=3D3D""><defanged_div =3D
 > data-signature-widget=3D3D"content" class=3D3D""></defanged_div></p><p =3D=

 > class=3D3D""><defanged_div class=3D3D"">--<br class=3D3D"">Kouichi Hashika=
 wa =3D
 > &lt;<a href=3D3D"mailto:hashikaw@mail.ru" =3D
 > class=3D3D"">hashikaw@mail.ru</a>&gt;</defanged_div></p><defanged_div =3D
 > class=3D3D""><div class=3D3D""><br =3D
 > class=3D3D"webkit-block-placeholder"></div><defanged_div class=3D3D""><div=
  =3D
 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""><p class=3D3D""><defanged_div =3D
 > class=3D3D"">&nbsp;</defanged_div></p><defanged_div class=3D3D""><div =3D
 > class=3D3D""><br class=3D3D"webkit-block-placeholder"></div><defanged_div =3D=

 > class=3D3D""></defanged_div></defanged_div></defanged_div></defanged_div><=
 /d=3D
 > efanged_div></defanged_div></defanged_div></defanged_div></defanged_div></=
 =3D
 > defanged_div></defanged_div></defanged_div></defanged_div></defanged_div><=
 =3D
 > /defanged_div></defanged_div></defanged_div></defanged_div></defanged_div>=
 =3D
 > </defanged_div></defanged_div></div>
 > <span =3D
 > id=3D3D"cid:05CE5A54-6742-4D5F-90FD-A5B537FA78BF@astron.com">&lt;sanitizer=
 .l=3D
 > og&gt;</span></div></blockquote></div><br class=3D3D""></div></body></html=
 >=3D
 >=20
 > --Apple-Mail=3D_206AB399-EB41-4E53-A2E5-B7F864DF6CE6--
 >=20
 > --Apple-Mail=3D_E0EC186C-1253-4CDE-874B-32FE8B433C4D
 > Content-Transfer-Encoding: 7bit
 > Content-Disposition: attachment;
 >    filename=3Dsignature.asc
 > Content-Type: application/pgp-signature;
 >    name=3Dsignature.asc
 > Content-Description: Message signed with OpenPGP
 >=20
 > -----BEGIN PGP SIGNATURE-----
 > Comment: GPGTools - http://gpgtools.org
 >=20
 > iF0EARECAB0WIQS+BJlbqPkO0MDBdsRxESqxbLM7OgUCXpsy8wAKCRBxESqxbLM7
 > OsqFAJ9ufExhBibWE0rzTP9F2EDhT/BSNwCeIT6SUdjY9eCKYI/YfIMjuuyUExY=3D
 > =3DvfYB
 > -----END PGP SIGNATURE-----
 >=20
 > --Apple-Mail=3D_E0EC186C-1253-4CDE-874B-32FE8B433C4D--
 >=20

From: Kouichi Hashikawa <hashikaw@mail.ru>
To: gnats-bugs@netbsd.org
Cc: christos@netbsd.org
Subject: Re: kern/55179: ipfilter ip_state.c's problem
Date: Sat, 27 Feb 2021 23:05:46 +0900

 > I fixed the inconsistency the the tcp != NULL case, but that's cosmetic.
 > 
 Thank you applying patch.
 Please pull-up to netbsd-9 branch, and close the problem.


 -- 
 Kouichi Hashikawa

>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.