Date: Tue, 28 Oct 1997 19:37:02 +1100
From: Bruce Evans <bde@zeta.org.au>
To: fenner@parc.xerox.com, guido@gvr.org
Cc: cvs-all@FreeBSD.ORG, cvs-committers@FreeBSD.ORG, cvs-sys@FreeBSD.ORG, guido@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/netinet ip_input.c
Message-ID: <199710280837.TAA17899@godzilla.zeta.org.au>

>> However, there is a problem with the actual change: the "goto" bypasses
>> the strcpy() which gives log() something to print. In addition, the whole
>> log(LOG_WARNING, ...) for each packet provides a wonderful denial of service
>> attack (I understand this isn't new with this commit, but it's still an
>> issue).
>
>I will correct the strcpy thing tonight. The denial of service attack is indeed
>present, but we do want the logging.
>A kludge would be to add yet another sysctl variable, that controls
>the logging that is cleared after a number of logs, together with a message
>that logging has stopped and can be restarted by resetting the flag.
>Another solution is to not allow more than XXX logging entries per minute.

Other bugs:
new: the source of the goto is also misplaced (after a comment that doesn't
     apply to it).
old: the declaration and initialization of `buf' have several style bugs
     (only one of which is fixed in the enclosed patch).

Bruce

diff -c2 ip_input.c~ ip_input.c *** ip_input.c~ Tue Oct 28 14:20:02 1997 --- ip_input.c Tue Oct 28 14:50:57 1997 *************** *** 947,956 **** goto bad; } /* * Loose routing, and not at next destination * yet; nothing to do except forward. */ - if (!ip_dosourceroute) - goto nosourcerouting; break; } --- 945,954 ---- goto bad; } + if (!ip_dosourceroute) + goto nosourcerouting; /* * Loose routing, and not at next destination * yet; nothing to do except forward. */ break; } *************** *** 966,972 **** if (!ip_dosourceroute) { char buf[4*sizeof "123"]; - strcpy(buf, inet_ntoa(ip->ip_dst)); nosourcerouting: + strcpy(buf, inet_ntoa(ip->ip_dst)); log(LOG_WARNING, "attempted source route from %s to %s\n", --- 964,970 ---- if (!ip_dosourceroute) { char buf[4*sizeof "123"]; nosourcerouting: + strcpy(buf, inet_ntoa(ip->ip_dst)); log(LOG_WARNING, "attempted source route from %s to %s\n",
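
Review bot: In the first hunk (new lines 945-954) the relocated `if (!ip_dosourceroute) goto nosourcerouting;` has no comment of its own, and it now sits directly above a comment that describes only the `break`. A one-line comment above the test saying that a source-routed packet is rejected and logged here when source routing is disabled would keep the two cases visually separate and stop the check from drifting back under the wrong comment.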
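
Review bot: In the second hunk (new lines 964-970) the `nosourcerouting:` label sits inside the `if (!ip_dosourceroute) {` block, after the declaration of `buf`, so the `goto` from the first hunk jumps into the middle of a block and relies on every use of `buf` being placed after the label. Putting `strcpy()` after the label fixes the uninitialized `buf` on that path, but the arrangement is fragile: consider placing the label ahead of the block, or adding a comment at the label that nothing may be inserted between the declaration and it. Two further points on the same lines: `buf` is `4*sizeof "123"` (16 bytes), which holds the longest dotted-quad string from `inet_ntoa()` with no spare byte, so a comment stating that or a bounded copy would make the `strcpy()` easier to audit; and the `log(LOG_WARNING, ...)` is now reached from both paths with no limit on how often it fires.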