Date: Mon, 14 Feb 2011 11:36:25 +0100 From: Egoitz Aurrekoetxea Aurre <egoitz@ramattack.net> To: freebsd-security@freebsd.org Subject: Re: Recent full disclosure post - Local DOS Message-ID: <DDEB1B66-BD16-44B1-AAA2-BE5F04F0B0E6@ramattack.net> In-Reply-To: <EED67904-5DAC-4A32-954B-6C53FAF48CF1@ramattack.net> References: <4D42D2B2.4030806@tomjudge.com> <201101281209.51046.john@baldwin.cx> <4D42FF0E.9030407@tomjudge.com> <201101281427.19212.jhb@freebsd.org> <20110129003032.GA16316@movsx> <4D473A53.6000602@freebsd.org> <EED67904-5DAC-4A32-954B-6C53FAF48CF1@ramattack.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all!,
I have seen the patch has been applied in releng_7_4, releng_8_2, stable, head... but not in releng_8_1 or releng_8_0... is it planned to be applied too on this branches??
Thanks a lot.
Bye!
El 03/02/2011, a las 17:19, Egoitz Aurrekoetxea Aurre escribió:
> Hi all,
>
> So then, this just crashes in current?? else... is it known which kernel nic drivers cause this?. I have attempted to crash a 8.1-release on vmware fusion virtual machine without success...
>
> Thanks a lot!,
> Bye!
>
>
> El 31/01/2011, a las 23:40, Lawrence Stewart escribió:
>
>> On 01/29/11 11:30, Christian Peron wrote:
>>> On Fri, Jan 28, 2011 at 02:27:18PM -0500, John Baldwin wrote:
>>> [..]
>>>> ===================================================================
>>>> --- tcp_usrreq.c (revision 218018)
>>>> +++ tcp_usrreq.c (working copy)
>>>> @@ -1330,7 +1330,8 @@ tcp_ctloutput(struct socket *so, struct sockopt *s
>>>> tp->t_flags |= TF_NOPUSH;
>>>> else {
>>>> tp->t_flags &= ~TF_NOPUSH;
>>>> - error = tcp_output(tp);
>>>> + if (TCPS_HAVEESTABLISHED(tp->t_state))
>>>> + error = tcp_output(tp);
>>>> }
>>>> INP_WUNLOCK(inp);
>>>> break;
>>>
>>> I was thinking of correcting it the same way.. I might even do something
>>> like:
>>>
>>> else {
>>> if (tp->t_flags & TF_NOPUSH) {
>>> tp->t_flags &= ~TF_NOPUSH;
>>> if (TCPS_HAVEESTABLISHED(tp->t_state))
>>> error = tcp_output(tp);
>>> }
>>> }
>>>
>>> By default, this mask is not set.. so un-setting it and calling tcp_output()
>>> if it was not already set seems wasteful
>>
>> Apologies for tuning in late, but FWIW I concur and think the above
>> patch is appropriate.
>>
>> Cheers,
>> Lawrence
>> _______________________________________________
>> freebsd-security@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-security
>> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DDEB1B66-BD16-44B1-AAA2-BE5F04F0B0E6>