nort-cnc-control / libip

MIT License

Ping of death #1

Open im-0 opened 3 years ago

im-0 commented 3 years ago

Test case:

#include <stdint.h>
#include <stdio.h>

#include "net.h"

/*
 * Transmit hook supplied by the test harness.
 *
 * Presumably libip calls this whenever it wants to put a frame on the wire
 * (net.h is not shown on this page, so confirm the contract there). The
 * reproducer transmits nothing; it only logs that the hook was reached, so
 * the posted output shows whether the stack tried to answer before it
 * crashed. In the run quoted in this report no such line appears.
 */
void send_ethernet_frame(const uint8_t *payload, size_t payload_len)
{
    /* Arguments are intentionally ignored by this stub. */
    (void)payload;
    (void)payload_len;

    fputs("send_ethernet_frame()\n", stdout);
}

/*
 * UDP delivery hook supplied by the test harness.
 *
 * Presumably libip invokes this for each received UDP datagram (confirm in
 * net.h, which is not shown on this page). The frame used by this reproducer
 * carries protocol 1 (ICMP), so this stub is not expected to run; it exists
 * to satisfy the linker and would log a line if it were reached.
 */
void udp_packet_handler(uint32_t remote_ip, uint16_t dport, uint16_t sport, const uint8_t *payload, size_t len)
{
    /* Arguments are intentionally ignored by this stub. */
    (void)remote_ip;
    (void)dport;
    (void)sport;
    (void)payload;
    (void)len;

    fputs("udp_packet_handler()\n", stdout);
}

/*
 * Reproducer for the crash reported in this issue.
 *
 * Initialises libip, then hands it a single 35-byte Ethernet frame
 * (14-byte Ethernet header + 20-byte IPv4 header + 1 byte of ICMP) whose
 * IPv4 header is almost entirely zero and whose ICMP header stops after the
 * type byte. Progress lines are printed around each library call so the
 * output shows which call does not return.
 */
int main()
{
    /* Station MAC given to libip_init(); the frame below is addressed to it. */
    const uint8_t own_mac[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06};

    const uint8_t frame[] = {
        /* --- Ethernet header (14 bytes) --- */
        0x01, 0x02, 0x03, 0x04, 0x05, 0x06,  /* destination MAC (== own_mac) */
        0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,  /* source MAC */
        0x08, 0x00,                          /* EtherType 0x0800 == IPv4 */

        /* --- IPv4 header (20 bytes, deliberately not well-formed) --- */
        0x00,                                /* version = 0, IHL = 0; a valid header has version 4, IHL >= 5 */
        0x00,                                /* DSCP, ECN */
        0x00, 0x00,                          /* total length = 0, smaller than the header itself */
        0x00, 0x00,                          /* identification */
        0x00, 0x00,                          /* flags, fragment offset */
        0x00,                                /* TTL */
        0x01,                                /* protocol == ICMP */
        0x00, 0x00,                          /* header checksum (left as zero) */
        0x00, 0x00, 0x00, 0x00,              /* source IP */
        0x00, 0x00, 0x00, 0x00,              /* destination IP */

        /* --- ICMP header (truncated) --- */
        0x08,                                /* type == Echo Request */
        /* code, checksum, identifier and sequence number are absent */
    };
    const size_t frame_len = sizeof frame;

    fputs("started\n", stdout);

    /* First argument is 42; presumably the local IP address -- confirm in net.h. */
    libip_init(42, own_mac);
    fputs("initialized\n", stdout);

    /*
     * NOTE(review): in the run quoted in this report the last line printed is
     * "initialized", so the process dies inside this call. Which check is
     * missing cannot be seen from this page; presumably the parser uses the
     * IHL / total-length fields, or reads the ICMP header, without comparing
     * against the frame length it was given -- confirm in libip's IPv4 and
     * ICMP handlers. A robust parser rejects the frame when it is shorter
     * than the header about to be read, when IHL < 5, or when total length
     * is below IHL * 4 or above the bytes actually received.
     */
    libip_handle_ethernet(frame, frame_len);
    printf("handled packet of length %zu\n", frame_len);

    fputs("finished\n", stdout);
    return 0;
}

Result:

started
initialized
Segmentation fault (core dumped)

Вообще, с безопасностью в коде не очень...

vladtcvs commented 3 years ago

Вообще, с безопасностью в коде не очень...

Это да...