memove导致总线错误

时间:2012-11-30 19:41:13

标签: c bus-error memmove

此代码中的memmove调用导致程序因总线错误而崩溃。基本上,代码接收IP数据包然后创建新数据包。它计算了输入数据包中的几个不可变字段的MD5_HMAC(除了TTL,Checksum之外的所有字段),并将值推送到输出数据包中。

int ahmd5_input(u_char *packet, ssize_t *len, struct ahmd5_xdata *xd)
{
  struct ip *ip, *ipo; /* pointers to ip headers */
  struct  ah* ah;   /* pointer to AH header */
  struct ahmd5 aho; /* pointer to AHMD5 for Check */

  /* get length of the result packet */
  opacket_len = *len - sizeof(struct ahmd5);

  /* allocate memory for output packet */
  opacket = (u_char *)malloc(opacket_len);
  if(opacket == NULL) {
    printf("Cannot allocate memory buffer");
    return ERR_ALLOC;
  }

  /* get pointer to output ip header */
  ipo = (struct ip *)opacket;

  /* get pointer to AH header */
  ah = (struct ah*)(ip + 1);

  /* zeroize the tos, sum & ttl for auth. data calculation */
  *ipo = *ip;
  ipo->ip_tos = 0;
  ipo->ip_ttl = 0;
  ipo->ip_sum = 0;

  /* Calculate Auth. Data (digest) */
  MD5Init(&ctx);
  MD5Update(&ctx, (unsigned char *)xd->amx_key, xd->amx_klen);
  MD5Update(&ctx, (unsigned char *)ipo, sizeof (struct ip));
  MD5Update(&ctx, (unsigned char *)ah, AH_FLENGTH);
  MD5Update(&ctx, md5zeroes, xd->amx_alen);
  MD5Update(&ctx, (unsigned char *)xd->amx_key, xd->amx_klen);
  MD5Final((unsigned char *)(&(aho.ah_data[0])), &ctx);

  /* Authentication checking */
  if (bcmp(aho.ah_data, ah->ah_data, xd->amx_alen))
    {
      time(&curr_time);
      printf("bad auth.: packet id = %d from %s : date: %s", ipo->ip_id, inet_ntoa(ipo->ip_src), ctime(&curr_time));
      free(opacket);
      return ERR_AUTH;
    }

  /* restore ip header*/
  *ipo = *ip;

  /* copy the contents of the packet */
  memmove((void *)(ipo+1),(void*)((struct ahmd5 *)ah+1), opacket_len-sizeof(struct ip));

  // memcpy((void *)(ipo+1),(void*)((struct ahmd5 *)ah+1), opacket_len-sizeof(struct ip));


  bcopy(opacket, packet, opacket_len);
  *len = opacket_len;

  printf("   ** Inbound processing complete\n");


  free(opacket);

  return 0;
}

我不确定如何解决这个问题。会感激一些帮助。感谢

以下是结构:

struct ahmd5
{
u_char  ah_nh;          /* Next header (protocol) */
u_char  ah_hl;          /* AH length, in 32-bit words */
u_short ah_rv;          /* reserved, must be 0 */
u_long  ah_spi;         /* Security Parameters Index */
u_char  ah_data[AHMD5_AMAX];    /*  */
};

struct ahmd5_xdata
{
u_short amx_klen;       /* Key material length */
u_short amx_alen;       /* authenticator length */
u_char  amx_key[AHMD5_KMAX];    /* Key material */
};

struct ah
{
u_char  ah_nh;          /* Next header (protocol) */
u_char  ah_hl;          /* AH length, in 32-bit words */
u_short ah_rv;          /* reserved, must be 0 */
u_long  ah_spi;         /* Security Parameters Index */
u_char  ah_data[1];     /* More, really*/
};


struct ahstat
{
u_long  ahs_hdrops;     /* packet shorter than header shows */
u_long  ahs_notdb;
u_long  ahs_badkcr;
u_long  ahs_badauth;
u_long  ahs_noxform;
u_long  ahs_qfull;
};

0 个答案:

没有答案