git: eaab882600d3 - main - Revert "Reapply "sbin/ping: allow normal users to specify larger packets""

Reply: Maxim Konovalov : "Re: git: eaab882600d3 - main - Revert "Reapply "sbin/ping: allow normal users to specify larger packets"""
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Mark Johnston <markj_at_FreeBSD.org>
Date: Sun, 20 Oct 2024 15:52:55 UTC

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=eaab882600d3cf1562a4030e7c91ad3e0861937b

commit eaab882600d3cf1562a4030e7c91ad3e0861937b
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-10-20 14:27:25 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-10-20 15:52:28 +0000

    Revert "Reapply "sbin/ping: allow normal users to specify larger packets""
    
    The value of MAXPAYLOAD in the re-applied commit is not right.  Back
    this out until it's had a proper review.
    
    This reverts commit b88df1e893c455731c7915f72a3b97b078ab04e2.
    
    Requested by:   maxim, glebius
---
 sbin/ping/ping.8 |  3 ++-
 sbin/ping/ping.c | 11 ++++++-----
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/sbin/ping/ping.8 b/sbin/ping/ping.8
index 951049d0f252..0eaec196e1e3 100644
--- a/sbin/ping/ping.8
+++ b/sbin/ping/ping.8
@@ -25,7 +25,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd October 15, 2024
+.Dd September 15, 2023
 .Dt PING 8
 .Os
 .Sh NAME
@@ -312,6 +312,7 @@ with the 8 bytes of
 ICMP
 header data.
 .Pp
+For IPv4, only the super-user may specify values more than default.
 This option cannot be used with ping sweeps.
 .Pp
 For IPv6, you may need to specify
diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c
index e6b1247af497..d9d544bc75c8 100644
--- a/sbin/ping/ping.c
+++ b/sbin/ping/ping.c
@@ -96,8 +96,8 @@
 #define	DEFDATALEN	56		/* default data length */
 #define	FLOOD_BACKOFF	20000		/* usecs to back off if F_FLOOD mode */
 					/* runs out of buffer space */
-#define	MAXIPLEN	((int)sizeof(struct ip) + MAX_IPOPTLEN)
-#define	MAXPAYLOAD	(IP_MAXPACKET - MAXIPLEN - ICMP_MINLEN)
+#define	MAXIPLEN	(sizeof(struct ip) + MAX_IPOPTLEN)
+#define	MAXICMPLEN	(ICMP_ADVLENMIN + MAX_IPOPTLEN)
 #define	MAXWAIT		10000		/* max ms to wait for response */
 #define	MAXALARM	(60 * 60)	/* max seconds for alarm timeout */
 #define	MAXTOS		255
@@ -458,10 +458,11 @@ ping(int argc, char *const *argv)
 				errx(EX_USAGE, "invalid packet size: `%s'",
 				    optarg);
 			datalen = (int)ltmp;
-			if (datalen > MAXPAYLOAD) {
-				errx(EX_USAGE,
+			if (uid != 0 && datalen > DEFDATALEN) {
+				errno = EPERM;
+				err(EX_NOPERM,
 				    "packet size too large: %d > %u",
-				    datalen, MAXPAYLOAD);
+				    datalen, DEFDATALEN);
 			}
 			break;
 		case 'T':		/* multicast TTL */