nmap UDP scan against 8.0-CURRENT -> fatal trap 12
rwatson at FreeBSD.org
Sun Aug 9 20:51:38 UTC 2009
On Sun, 9 Aug 2009, Rick Macklem wrote:
>> Initial results are certainly good! :-) Pre-patch, it panicked three times
>> in a row, as I said within a few seconds. Post-patch I've looped the
>> simpler scan for a while (10 minutes, or about 8-9 runs) with no crash, and
>> I also ran the more extensive one (which I doubt makes any difference...)
>> once. Just for fun, I tried actually using nfsd while looping the scan,
>> too. No problems.
> Ok, sounds good. It's already in the re@ queue, so it should make it into
> 8.0. If it does crap out again, please let the list (and me) know.
> Thanks for testing the patch, rick
> ps: Thanks mostly goes to pho@ for his
> "wicked" test scripts that found the crash that the above patch fixes + a
> bunch of others.
It sounds a bit like we would benefit from some directed RPC fuzzing on the
NFS client and server. I wonder if an existing fuzzer could easily be adapted
to generate RPC-like garbage?
Robert N M Watson
University of Cambridge