IP fragmentation allows oversized IP packets to be split to fit on a smaller network. They are re-assembled on the destination machine. As the packet fragments can overlap, we need to decide data acceptance policy for overlapping segments. In our operating system Zumba, if we find that the current fragment's fp->offset to be inside the end (prev->end) of a previous fragment (prev), then we align it such that old data is not replaced. The current segment can only start writing (decided by ptr) at the end of the previous segment. This is ensured by the following C code segment. if (prev != NULL && fp->offset end) // overlapping fragments i - prev->end - fp->offset; fp->offset += i; /* offset ptr into datagram */ ptr += i; //shift to the end of the previous fragment /* ptr into fragment data */ After the above structure, the offset and ptr values are passed to another function, where the length of the current fragment fp is computed as follows fp->len = fp-> end- fp->offset; a) What can go wrong with this? Demonstrate a possible vulnerability that can arise due to the above code? b) How can you fix this vulnerability? Propose a fix to the problem IP fragmentation allows oversized IP packets to be split to fit on a smaller network. They are re-assembled on the destination machine. As the packet fragments can overlap, we need to decide data acceptance policy for overlapping segments. In our operating system Zumba, if we find that the current fragment's fp->offset to be inside the end (prev->end) of a previous fragment (prev), then we align it such that old data is not replaced. The current segment can only start writing (decided by ptr) at the end of the previous segment. This is ensured by the following C code segment. if (prev != NULL && fp->offset end) // overlapping fragments i - prev->end - fp->offset; fp->offset += i; /* offset ptr into datagram */ ptr += i; //shift to the end of the previous fragment /* ptr into fragment data */ After the above structure, the offset and ptr values are passed to another function, where the length of the current fragment fp is computed as follows fp->len = fp-> end- fp->offset; a) What can go wrong with this? Demonstrate a possible vulnerability that can arise due to the above code? b) How can you fix this vulnerability? Propose a fix to the