Re: Fw: Local Denial-of-Service attack against Linux

From: Alexei Kuznetsov (kuznet@linuxtone.com.sg)
Date: Sat Mar 25 2000 - 09:43:45 EST

Hello!

Fixes for this problem are appended, patches are a bit different for 2.3 and 2.3.
The fix is tentative, it cures symptomes, real problem is still not solved.

Alexey

2.2:

--- linux/net/unix/af_unix.c~ Tue Aug 10 03:05:10 1999
+++ linux/net/unix/af_unix.c Sat Mar 25 22:31:47 2000
@@ -969,6 +969,10 @@
                         return -ENOTCONN;
         }
 
+ err = -EMSGSIZE;
+ if (len > sk->sndbuf)
+ goto out;
+
         if (sock->passcred && !sk->protinfo.af_unix.addr)
                 unix_autobind(sock);
 

2.3

--- linux/net/unix/af_unix.c~ Sat Mar 25 19:47:34 2000
+++ linux/net/unix/af_unix.c Sat Mar 25 22:20:48 2000
@@ -1087,6 +1087,10 @@
                         goto out;
         }
 
+ err = -EMSGSIZE;
+ if (len > sk->sndbuf)
+ goto out;
+
         if (sock->passcred && !sk->protinfo.af_unix.addr &&
             (err = unix_autobind(sock)) != 0)
                 goto out;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Fri Mar 31 2000 - 21:00:15 EST