Bugtraq mailing list archives

Re: Analysis of jolt2.c (MS00-029)

From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Sat, 27 May 2000 09:51:45 +1000


In some mail from Mikael Olsson, sie said:
[...]

2. Microsoft doesn't verify the checksum prior to storing it.
   Microsoft doesn't verify the structural integrity (the
     packet is truncated!)

[...]

I think it has been mentioned before that the MS TCP/IP code is
implemented in such a way that each of TCP, UDP, ICMP (and any
further protocol, such as IGMP?) have to do all their own sanity
checking of fragments, checksums, etc.  I can only think that
they believe there is some performance benefit to be gained here.

Darren

Current thread:

Analysis of jolt2.c (MS00-029) Mikael Olsson (May 26)
- Re: Analysis of jolt2.c (MS00-029) Darren Reed (May 26)