Easy DoS
Fabian Keil
freebsd-listen at fabiankeil.de
Fri Dec 16 08:27:20 PST 2005
Kostik Belousov <kostikbel at gmail.com> wrote:
> On Fri, Dec 16, 2005 at 02:34:48PM +0100, Csaba Henk wrote:
> > Do
> >
> > echo 'main() { write(1, 0, 1); }' > edos.c
> > gcc -o edos edos.c
> > ./edos | cat
> >
> > ... and now the edos process gets stuck in the write syscall,
> > unkillably, keeping the CPU spinning. (Seen on my 6.0-RELEASE and
> > 7.0-CURRENT boxen.)
> >
> > Is it a bug or a feature?
> >
> > Csaba
>
> Sure, it is a bug :).
>
> Please, try the following patch (against 7-CURRENT,
> shall work for 6-STABLE too):
>
> --- src-pristine/sys/kern/sys_pipe.c Mon Jul 11 11:33:58 2005
> +++ src-quotas/sys/kern/sys_pipe.c Fri Dec 16 17:03:01 2005
> @@ -1176,6 +1176,8 @@
> ("Pipe buffer overflow"));
> }
> pipeunlock(wpipe);
> + if (error != 0)
> + break;
> } else {
> /*
> * If the "read-side" has been blocked, wake
> it up now.
The patch fixed the bug for 5.4-STABLE.
Fabian
--
http://www.fabiankeil.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20051216/b1012f01/signature.bin
More information about the freebsd-current
mailing list