libtins icon indicating copy to clipboard operation
libtins copied to clipboard
verified publisher icon mfontanini

wrong tot_len field of serialized ip package

Open Streamlet opened this issue 3 months ago • 1 comments

I noticed the following code in ip.cpp

    #if __FreeBSD__ || defined(__FreeBSD_kernel__) || __APPLE__
        if (!parent_pdu()) {
            total_sz = Endian::host_to_be<uint16_t>(total_sz);
            header_.frag_off = Endian::be_to_host(header_.frag_off);
        }
    #endif

This conditionally reverses byte order on BSD and macOS. However, BSD and macOS machines are usually little-endian, so the issue here is not endianness.

The actual difference comes from how the IP header bitfields are defined on BSD/macOS versus Linux. It seems the code is conflating bitfield layout differences with byte order differences.

Streamlet avatar Aug 26 '25 01:08 Streamlet

Suggested fix

Remove this conditional block and handle BSD/macOS the same way as Linux.

Alternatively, to avoid relying on system-specific struct ip definitions with bitfields, replace them with explicit integer fields (uint16_t) and masks. This makes the code portable without needing endian hacks.

Streamlet avatar Aug 26 '25 01:08 Streamlet