此代码中的 memmove 调用导致程序因总线错误而崩溃。基本上,代码接收一个 IP 数据包,然后创建一个新数据包。它计算了输入数据包中几个不可变字段的 MD5_HMAC(除 TTL、校验和之外的所有字段),并将这些值推送到输出数据包中。
int ahmd5_input(u_char *packet, ssize_t *len, struct ahmd5_xdata *xd)
{
struct ip *ip, *ipo; /* pointers to ip headers */
struct ah* ah; /* pointer to AH header */
struct ahmd5 aho; /* pointer to AHMD5 for Check */
/* get length of the result packet */
opacket_len = *len - sizeof(struct ahmd5);
/* allocate memory for output packet */
opacket = (u_char *)malloc(opacket_len);
if(opacket == NULL) {
printf("Cannot allocate memory buffer");
return ERR_ALLOC;
}
/* get pointer to output ip header */
ipo = (struct ip *)opacket;
/* get pointer to AH header */
ah = (struct ah*)(ip + 1);
/* zeroize the tos, sum & ttl for auth. data calculation */
*ipo = *ip;
ipo->ip_tos = 0;
ipo->ip_ttl = 0;
ipo->ip_sum = 0;
/* Calculate Auth. Data (digest) */
MD5Init(&ctx);
MD5Update(&ctx, (unsigned char *)xd->amx_key, xd->amx_klen);
MD5Update(&ctx, (unsigned char *)ipo, sizeof (struct ip));
MD5Update(&ctx, (unsigned char *)ah, AH_FLENGTH);
MD5Update(&ctx, md5zeroes, xd->amx_alen);
MD5Update(&ctx, (unsigned char *)xd->amx_key, xd->amx_klen);
MD5Final((unsigned char *)(&(aho.ah_data[0])), &ctx);
/* Authentication checking */
if (bcmp(aho.ah_data, ah->ah_data, xd->amx_alen))
{
time(&curr_time);
printf("bad auth.: packet id = %d from %s : date: %s", ipo->ip_id, inet_ntoa(ipo->ip_src), ctime(&curr_time));
free(opacket);
return ERR_AUTH;
}
/* restore ip header*/
*ipo = *ip;
/* copy the contents of the packet */
memmove((void *)(ipo+1),(void*)((struct ahmd5 *)ah+1), opacket_len-sizeof(struct ip));
// memcpy((void *)(ipo+1),(void*)((struct ahmd5 *)ah+1), opacket_len-sizeof(struct ip));
bcopy(opacket, packet, opacket_len);
*len = opacket_len;
printf(" ** Inbound processing complete\n");
free(opacket);
return 0;
}
我不确定如何解决这个问题。将不胜感激一些帮助。谢谢
以下是结构:
struct ahmd5
{
u_char ah_nh; /* Next header (protocol) */
u_char ah_hl; /* AH length, in 32-bit words */
u_short ah_rv; /* reserved, must be 0 */
u_long ah_spi; /* Security Parameters Index */
u_char ah_data[AHMD5_AMAX]; /* */
};
struct ahmd5_xdata
{
u_short amx_klen; /* Key material length */
u_short amx_alen; /* authenticator length */
u_char amx_key[AHMD5_KMAX]; /* Key material */
};
struct ah
{
u_char ah_nh; /* Next header (protocol) */
u_char ah_hl; /* AH length, in 32-bit words */
u_short ah_rv; /* reserved, must be 0 */
u_long ah_spi; /* Security Parameters Index */
u_char ah_data[1]; /* More, really*/
};
struct ahstat
{
u_long ahs_hdrops; /* packet shorter than header shows */
u_long ahs_notdb;
u_long ahs_badkcr;
u_long ahs_badauth;
u_long ahs_noxform;
u_long ahs_qfull;
};