From: Clifton Royston (no email)
Date: Sun Sep 08 2002 - 20:07:30 EDT
On Sat, Sep 07, 2002 at 11:38:50AM -0400, wrote:
>
> On Sat, 7 Sep 2002, Ralf Hildebrandt wrote:
>
> > mynetworks = 0.0.0.0/0
> > would suffice (with the default restrictions)
> >
>
> This does not work on SPARC hardware and possibly other CPUs. A 32bit
> shift is a NOP on a SPARC (instead of setting the result to zero, the
> shift operand is evaluated mod 32, so 0/0 is the same as 0/32 which
> matches only the 0.0.0.0 address verbatim).
Actually, it's worse than that. I fixed a similar bug in smail last
year as it happens, so I had to do some digging in language references
at the time. In C a shift by the number of bits in the object the
shift is performed on is undefined according to the language
definition, per Harbison & Steele, so the result of the operation is
entirely undefined and implementation dependent. ("It is allowed to
turn your computer into a frog" as the saying goes.) Correct code is
required to test for this case. I can look it up and give you a
specific cite to the ANSI spec when I'm back at the office. (At least
some GCC versions on i386 architecture will also convert this to a
no-op.)
> Postfix does not have logic in the address list matching code to handle
> 0/0 portably. This is good IMHO.
I think would disagree. You are presuming from one instance in which
it is better not to match all addresses too readily, that the same will
be true for all instances. In another context it might be desirable to
make it easy to match all addresses, and in any case it's better to
avoid both nonportable and compiler-dependent results, and unexpected
behavior.
-- Clifton
mask = (lshift == sizeof(mask) ) ? 0 : ( mask << lshift );
--
Clifton Royston -- LavaNet Systems Architect --
"What do we need to make our world come alive?
What does it take to make us sing?
While we're waiting for the next one to arrive..." - Sisters of Mercy
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|