Ethereal-dev: [Ethereal-dev] Re: rev 17612: /trunk/epan/dissectors/: packet-tcp.c

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "ronnie sahlberg" <ronniesahlberg@xxxxxxxxx>
Date: Tue, 14 Mar 2006 20:34:40 +0000
I would say it is likely 2 bytes of kernel memory that is leaked here.

The question is "what kind of memory is leaked?"
In the most bening case it would just be a buffer from a previous
received packet that is reused and thus it is just the checksum from
that packet.

In a less bening case ...


In any case I think the kernel guys should have a look at it and avoid
this leak regardless.


woohoo    ethereal found a kernel bug !


On 3/14/06, Gerald Combs <gerald@xxxxxxxxxxxx> wrote:
> sahlberg@xxxxxxxxxxxx wrote:
> > User: sahlberg
> > Date: 2006/03/13 02:50 PM
> >
> > Log:
> >  if tcp checksum validation is enabled
> >  and if the checksum is wrong
> >  and if the checksum field is 0x0000
>
> I know it's only two bytes but
>
>   If the outgoing checksum is wrong
>   and if offloading is enabled
>   and if the checksum field is NOT 0x0000
>
> Would that indicate that your kernel isn't properly clearing memory, and
> that you're get a little snapshot of kernel memory for every outgoing
> TCP packet?  I have a few captures that show this behavior.
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>