https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4014
--- Comment #23 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2010-09-16 12:23:04 MDT ---
(In reply to comment #21)
> (In reply to comment #16)
> > on FreeBSD, /usr/src/sbin/ping/ping.c does this:
> >
> > ident = getpid() & 0xFFFF;
>
> Which is a bug of course. Starting with iputils-s20100214, this has been
> corrected to:
> ident = htons(getpid() & 0xFFFF);
I wouldn't call it a bug per-se, as RFC 792 (ICMP) basically says to use
whatever can be matched up on the sending host when the echo reply comes back.
I don't think Wireshark was thought of in September 1981 when Jon Postel wrote
that RFC :-)
> Not sure if FreeBSD has picked this up yet?
The FreeBSD maintainers would need to be convinced separately to change that,
since their code is based on the original ping.c by Mike Muuss in 1983 and
passed along from the original BSD project.
OpenBSD also retains the original use of the PID in host endian format.
NetBSD, however, using the arc4random() function in place of getpid().
NetBSD's rationale of changing this from getpid() in CVS revision 1.76 of
ping.c was "do not disclose endian" back in 2004.
> (In reply to comment #20)
> > I also changed both representations of the identifier field from BASE_HEX to
> > BASE_DEC_HEX for easy reference to Unix process ids.
>
> Nice. It should be obvious through process of elimination that both
> "Identifier" and "Sequence number" are the Big Endian representations ... but
> should they be changed to "Identifier (BE)" and "Sequence number (BE)" to
> explicitly indicate the endian-ness and match their (LE) counterparts?
Good point - less mental work means more productivity and every little bit
counts :). It looks much better lined up in the protocol tree anyway.
Committed in rev 34136.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.