Zaf’s Blog

The news is out that Service Pack 3 for Windows XP includes a change in Windows’ UPnP core. This change results in some differences in the UPnP packets it sends. The issue however is that some routers, which have implemented the bare minimums of the UPnP protocol, and have implemented it poorly, crash when receiving these UPnP Packets.

Whilst this is news, why is it news here?

Because everyones blaming Microsoft! I’ve witnessed some crazy discussions where people are putting forward what seems like “rational” arguments, that we should wait and see before blaming the routers, as it may be a bug with Windows.

Thats not the point! A Router, as a network device (in fact any device at all!) should NEVER crash because of a packet it receives on the network. This is what Ping Of Death was with Windows 95. A fault in Windows’ networking code that caused it to crash. Noone thought the fault was with the “ping.exe” command, because it could be made to send a deadly packet (ok, some people did, but they don’t count, they’re in Congress).

A router should never crash, full stop, and it should never ever crash because of a packet, or a series of packets received via the network. The only way I should be able to crash any router (and in fact, any PC, but lets not get ahead of ourselves) is to replace the firmware with my own buggy version.

Now if it turns out that Service Pack 3 has a buggy implementation of the UPnP protocol, then yes, Microsoft should fix it, because a properly functioning router will disregard the buggy packets, and the UPnP part won’t work. The properly functioning router will keep working and clients with other operating systems will still happily use the UPnP functionality.

Either way, I’m sick of people blaming the symptom rather than the disease. Oh, and I hate it how I can still crash a large number of ethernet printers and print servers by sending specially crafted requests. They shouldn’t crash either, and I shouldn’t be left alone with an ethernet connection and a room full of colour A3 printers.

This entry was posted on Monday, June 9th, 2008 at 3:50 am and is filed under post. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.