On 5/31/2011 10:52 AM, Paul Hoffman wrote:
On May 31, 2011, at 10:23 AM, Randy Bush wrote:
1. Maybe add to section 5.9 "An Error Report PDU MUST NOT be sent for
an Error Report PDU.".
makes sense
To answer the initial request, it seems reasonable to specify "the
length of the Arbitrary Text of Error Diagnostic Message MUST NOT be
longer than 200 octets". That keeps the length of the entire PDU under
the semi-magic 256 octets for the current version of the protocol
in what way is 256 octets semi-magic?
C or assembly-based implementations will need to malloc (etc.) the
buffer for the incoming message. Having that fit into 256 octets could
easily have some value to some implementations. There is no security
problem if the cache ignores such a MUST and makes the message longer
because the length is given the PDU. (Having said that, I hope router
implementers of this protocol are being robust in checking the lengths
in this PDU; I can already see ways to craft malicious versions of this
PDU that might trigger a buffer overflow...)
These are good reasons for robust implementations to check for the
message length and read only as much as the currently allocated buffer
allows, reading more in as needed.
There's no need for a MUST for that. Attackers tend to ignore MUSTs anyway.
Joe
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
