Bug 209270 - [igmp] logic error in igmp_v3_suppress_group_record
Summary: [igmp] logic error in igmp_v3_suppress_group_record
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-net mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-05-04 20:45 UTC by Miles Ohlrich
Modified: 2016-05-04 21:22 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Miles Ohlrich 2016-05-04 20:45:16 UTC
In igmp_v2_suppress_group_record, I see the following:

        if (inm->inm_state != IGMP_G_QUERY_PENDING_MEMBER ||
            inm->inm_state != IGMP_SG_QUERY_PENDING_MEMBER)
                return;

This is always true due to the logical OR.

It looks like it should be this:

        if (inm->inm_state != IGMP_G_QUERY_PENDING_MEMBER &&
            inm->inm_state != IGMP_SG_QUERY_PENDING_MEMBER)
                return;

I do not know the affect of the change, but the code as written looks 
very suspiciously like a programming error.
Comment 1 Enji Cooper freebsd_committer 2016-05-04 21:22:17 UTC
This change has been in since 2009:

71233409e (bms     2009-03-09 17:53:05 +0000 1939)      if (inm->inm_state != IGMP_G_QUERY_PENDING_MEMBER ||
71233409e (bms     2009-03-09 17:53:05 +0000 1940)          inm->inm_state != IGMP_SG_QUERY_PENDING_MEMBER)
71233409e (bms     2009-03-09 17:53:05 +0000 1941)              return;

I agree with this likely being a logic error. Forwarding over to net@ for inspection though.