Date: Fri, 3 Oct 2003 10:24:40 +0100 From: Bruce M Simpson <bms@spc.org> To: Bruce M Simpson <bms@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netinet if_ether.c Message-ID: <20031003092440.GE9213@saboteur.dek.spc.org> In-Reply-To: <200310030919.h939JNP3049158@repoman.freebsd.org> References: <200310030919.h939JNP3049158@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 03, 2003 at 02:19:23AM -0700, Bruce M Simpson wrote:
> Only delete the route if arplookup() tried to create it. Do not delete
> RTF_STATIC routes. Do not check for RTF_HOST so as to avoid being DoSed
> when an RTF_GENMASK route exists in the table.
^^^^^^^^^^^^
I meant RTA_GENMASK (and thus RTF_CLONING) here of course.
This may not be the last of such commits -- it looks like our handling of
RTF_LLINFO may be inconsistent in a number of places, but this should be
enough to fix the denial-of-service.
BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031003092440.GE9213>