Ping.Unix falsely returns successful pings #27996
Labels
area-System.Net
enhancement
Product code improvement that does NOT require public API changes/additions
os-linux
Linux OS (any supported distro)
Milestone
Our app pings a range of IPs, and occasionally it 'receives' a ping reply from a host that doesn't exist on the network.
(App is running with RawSockets permissions)
Checking the Ping code, it uses a random Identifier for the ping packet generated from a
[ThreadStatic] Random
https://github.com/dotnet/corefx/blob/master/src/System.Net.Ping/src/System/Net/NetworkInformation/Ping.Unix.cs#L21-L22
https://github.com/dotnet/corefx/blob/master/src/System.Net.Ping/src/System/Net/NetworkInformation/Ping.Unix.cs#L71-L73
Then when an
EchoRequest
comes in, it compares that Identifier to check if it matches what was sent out (it doesn't check the IP address as far as I can tell)https://github.com/dotnet/corefx/blob/master/src/System.Net.Ping/src/System/Net/NetworkInformation/Ping.Unix.cs#L103
What I guess is happening is that we randomly generate the same Identifier for a host that exists and a host that doesn't, so when we get the reply from the host that does exist, it gets incorrect counted as a reply for the host that doesn't exist.
I haven't done a packet capture to verify this is the cause, it takes days to reproduce, but can do so if necessary.
Could we compare the IP Address the reply is coming from, or use a shared counter for the Identifier or something to prevent reusing the same Identifier quickly?
The Ping code is pretty extensive, so I may have misinterpreted something.
Thanks!
The text was updated successfully, but these errors were encountered: