From owner-freebsd-security Fri Jan 21 7:15:37 2000 Delivered-To: freebsd-security@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 0138515162 for ; Fri, 21 Jan 2000 07:15:36 -0800 (PST) (envelope-from gdonl@tsc.tdk.com) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id HAA05925; Fri, 21 Jan 2000 07:15:27 -0800 (PST) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id HAA47763; Fri, 21 Jan 2000 07:15:27 -0800 (PST) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id HAA13087; Fri, 21 Jan 2000 07:15:26 -0800 (PST) Message-Id: <200001211515.HAA13087@salsa.gv.tsc.tdk.com> From: gdonl@tsc.tdk.com (Don Lewis) Date: Fri, 21 Jan 2000 07:15:26 -0800 In-Reply-To: gdonl@tsc.tdk.com (Don Lewis) "Re: stream.c worst-case kernel paths" (Jan 21, 6:55am) X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: gdonl@tsc.tdk.com (Don Lewis), Darren Reed , brett@lariat.org (Brett Glass) Subject: Re: stream.c worst-case kernel paths Cc: security@FreeBSD.ORG Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Jan 21, 6:55am, Don Lewis wrote: } Subject: Re: stream.c worst-case kernel paths } In some mail from Brett Glass, sie said: } > Trouble is, a smart attacker will fire the barrage at a port on which the machine is } > listening. This makes the code path longer because the hash table lookup will succeed. } } Good catch. I figured that skipping the extra hash lookup would be a } good optimizatin, but I didn't notice this problem. I forgot to mention that this also fixes the bug (that we previously fixed another way) that leaks information about which sockets are listening to port scanners that send ACK-only packets. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message