Re: Fw: Local Denial-of-Service attack against Linux

• Previous message: Russell King: "NFS stops dead in 2.3.99pre3 (extra info)"
• In reply to: Enri: "Fw: Local Denial-of-Service attack against Linux"
• Next in thread: Manfred Spraul: "Re: Fw: Local Denial-of-Service attack against Linux"
• Reply: Manfred Spraul: "Re: Fw: Local Denial-of-Service attack against Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello!

Fixes for this problem are appended, patches are a bit different for 2.3 and 2.3.
The fix is tentative, it cures symptomes, real problem is still not solved.

Alexey

2.2:

--- linux/net/unix/af_unix.c~ Tue Aug 10 03:05:10 1999
+++ linux/net/unix/af_unix.c Sat Mar 25 22:31:47 2000
@@ -969,6 +969,10 @@
                         return -ENOTCONN;
         }
 
+ err = -EMSGSIZE;
+ if (len > sk->sndbuf)
+ goto out;
+
         if (sock->passcred && !sk->protinfo.af_unix.addr)
                 unix_autobind(sock);
 

2.3

--- linux/net/unix/af_unix.c~ Sat Mar 25 19:47:34 2000
+++ linux/net/unix/af_unix.c Sat Mar 25 22:20:48 2000
@@ -1087,6 +1087,10 @@
                         goto out;
         }
 
+ err = -EMSGSIZE;
+ if (len > sk->sndbuf)
+ goto out;
+
         if (sock->passcred && !sk->protinfo.af_unix.addr &&
             (err = unix_autobind(sock)) != 0)
                 goto out;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Christopher M. Bennett: "sb1000 in 2.3.99pre3"
• Previous message: Russell King: "NFS stops dead in 2.3.99pre3 (extra info)"
• In reply to: Enri: "Fw: Local Denial-of-Service attack against Linux"
• Next in thread: Manfred Spraul: "Re: Fw: Local Denial-of-Service attack against Linux"
• Reply: Manfred Spraul: "Re: Fw: Local Denial-of-Service attack against Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Mar 25 2000 - 09:43:30 EST