From 6d9bb996271cc244db74f4c0337126e2eef1c4c8 Mon Sep 17 00:00:00 2001
From: Cameron Gutman <aicommander@gmail.com>
Date: Sun, 25 Oct 2009 04:30:28 +0000
Subject: [PATCH]  - Fix sending malformed ICMP packets because we read the
 wrong length from the wrong address in the buffer  - Fix the sequence number
 stored in the packet  - Fix potential null pointer freeing  - tracert
 partially works now (Setting TTL isn't implemented yet)

svn path=/trunk/; revision=43732
---
 reactos/base/applications/network/tracert/tracert.c | 10 +++++-----
 reactos/base/applications/network/tracert/tracert.h |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/reactos/base/applications/network/tracert/tracert.c b/reactos/base/applications/network/tracert/tracert.c
index faf5973252f..97bc8b8df1c 100644
--- a/reactos/base/applications/network/tracert/tracert.c
+++ b/reactos/base/applications/network/tracert/tracert.c
@@ -260,10 +260,10 @@ PreparePacket(PAPPINFO pInfo,
     pInfo->SendPacket->icmpheader.code     = 0;
     pInfo->SendPacket->icmpheader.checksum = 0;
     pInfo->SendPacket->icmpheader.id       = (USHORT)GetCurrentProcessId();
-    pInfo->SendPacket->icmpheader.seq      = iSeqNum;
+    pInfo->SendPacket->icmpheader.seq      = htons((USHORT)iSeqNum);
 
     /* calculate checksum of packet */
-    pInfo->SendPacket->icmpheader.checksum  = CheckSum((PUSHORT)&pInfo->SendPacket,
+    pInfo->SendPacket->icmpheader.checksum  = CheckSum((PUSHORT)&pInfo->SendPacket->icmpheader,
                                                        sizeof(ICMP_HEADER) + PACKET_SIZE);
 }
 
@@ -279,8 +279,8 @@ SendPacket(PAPPINFO pInfo)
     pInfo->lTimeStart = GetTime(pInfo);
 
     iSockRet = sendto(pInfo->icmpSock,              //socket
-                      (char *)pInfo->SendPacket,   //buffer
-                      PACKET_SIZE,                  //size of buffer
+                      (char *)&pInfo->SendPacket->icmpheader,//buffer
+                      sizeof(ICMP_HEADER) + PACKET_SIZE,//size of buffer
                       0,                            //flags
                       (SOCKADDR *)&pInfo->dest,     //destination
                       sizeof(pInfo->dest));         //address length
@@ -598,7 +598,7 @@ Cleanup(PAPPINFO pInfo)
                  0,
                  pInfo->SendPacket);
 
-    if (pInfo->SendPacket)
+    if (pInfo->RecvPacket)
         HeapFree(GetProcessHeap(),
                  0,
                  pInfo->RecvPacket);
diff --git a/reactos/base/applications/network/tracert/tracert.h b/reactos/base/applications/network/tracert/tracert.h
index e7b5e4cd62c..cc38b55ecee 100644
--- a/reactos/base/applications/network/tracert/tracert.h
+++ b/reactos/base/applications/network/tracert/tracert.h
@@ -13,7 +13,7 @@
 #define TTL_EXCEEDED 11
 
 #define MAX_PING_PACKET_SIZE 1024
-#define MAX_PING_DATA_SIZE (MAX_PING_PACKET_SIZE + sizeof(IPv4Header)
+#define MAX_PING_DATA_SIZE (MAX_PING_PACKET_SIZE + sizeof(IPv4Header))
 #define PACKET_SIZE 32
 #define ICMP_MIN_SIZE 8
 
@@ -53,8 +53,8 @@ typedef struct ICMPHeader
 /* ICMP Echo Reply Header, 12 bytes */
 typedef struct EchoReplyHeader
 {
-    struct ICMPHeader icmpheader;
     struct timeval timestamp;
+    struct ICMPHeader icmpheader;
 } ECHO_REPLY_HEADER, *PECHO_REPLY_HEADER;
 
 /* ICMP Echo Reply Header, 12 bytes */
-- 
2.17.1