Date: Tue, 05 Aug 1997 01:19:44 +0200
From: Tor Egge <Tor.Egge@idi.ntnu.no>
To: ru@ucb.crimea.ua
Cc: freebsd-bugs@FreeBSD.ORG, torstenb@FreeBSD.ORG
Subject: Re: CPSR #8: identd Denial of Service (fwd)
Message-ID: <199708042319.BAA10763@pat.idi.ntnu.no>
In-Reply-To: Your message of "Mon, 4 Aug 1997 19:14:17 +0300 (EET DST)"
References: <199708041614.TAA23764@relay.ucb.crimea.ua>
> Index: libexec/identd/identd.c > =================================================================== > RCS file: /cvs/src/libexec/identd/identd.c,v > retrieving revision 1.4 > retrieving revision 1.5 > diff -r1.4 -r1.5 > 2c2 > < ** $Id: identd.c,v 1.4 1997/07/23 20:36:27 kstailey Exp $ > --- > > ** $Id: identd.c,v 1.5 1997/07/29 07:49:31 deraadt Exp $ > 180a181 > > int save_errno = errno; > 184a186 > > errno = save_errno; >

This patch causes the SIGCHLD handler to no longer clobber errno. While this is a bug fix, it should only affect the parent process and remove some bogus "main: select" error messages.

Since the kernel might change during the call to k_getuid(), you still have the problem with possible infinite loops and wrong return values from k_getuid().

Several methods can be used to limit this problem:

1. alarm handler
2. setrlimit(RLIMIT_CPU,...)
3. count the number of calls to getbuf, and impose a reasonable limit.
4. Move the socket/uid lookup into the kernel (eliminate most of k_getuid). This also eliminates the problem of a wrong value being returned. Negative impact: About 200 bytes kernel bloat.
5. Don't run identd.

I use method 4.

- Tor Egge
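
Review bot: in the 180a181/184a186 pair, "errno = save_errno;" restores errno at a single point, so any return from the handler between new lines 181 and 186 would still leave errno clobbered; check that the restore is the last statement executed on every path out of the handler. A one-line comment beside "int save_errno = errno;" saying that the handler must not change the errno seen by the interrupted code would document the intent, and the log message should state that the change does not bound the lookup loop.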
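
Methods 1 to 3 from the list above, combined in one sketch. This is an added example, not code from identd or from the original message: walk() is a hypothetical stand-in for the k_getuid() lookup, its read counter models the count of getbuf calls, and MAX_READS and the 1 s / 5 s limits are constructed values.

```c
#include <signal.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_READS 100000L /* method 3: cap on reads per lookup (constructed) */

/* Hypothetical stand-in for a k_getuid()-style walk over data that can change
 * underneath the reader. ends_after < 0 models a walk that never terminates. */
static int walk(long ends_after, int count_reads)
{
    volatile long reads = 0;
    for (;;) {
        if (ends_after >= 0 && reads >= ends_after)
            return 0;                       /* lookup completed */
        if (count_reads && reads >= MAX_READS)
            return 1;                       /* method 3: give up, report error */
        reads++;
    }
}

/* Run one lookup in a child so that a runaway walk cannot hang the parent.
 * Returns the child's exit status (0 or 1), -signo if a limit killed it,
 * or 99 if the child could not be started or reaped. */
int bounded_lookup(long ends_after, int count_reads)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return 99;
    if (pid == 0) {
        struct rlimit cpu = { 5, 5 };       /* method 2: CPU-seconds backstop */
        setrlimit(RLIMIT_CPU, &cpu);
        signal(SIGALRM, SIG_DFL);           /* default action: terminate */
        alarm(1);                           /* method 1: wall-clock limit */
        _exit(walk(ends_after, count_reads));
    }
    if (waitpid(pid, &status, 0) != pid)
        return 99;
    if (WIFSIGNALED(status))
        return -WTERMSIG(status);
    return WIFEXITED(status) ? WEXITSTATUS(status) : 99;
}

int main(void)
{
    /* Completes, hits the read cap, and is killed by the alarm, in turn. */
    return !(bounded_lookup(10, 1) == 0 && bounded_lookup(-1, 1) == 1 &&
             bounded_lookup(-1, 0) == -SIGALRM);
}
```

Only the counter lets the lookup fail cleanly with an error the caller can report; the alarm and the CPU limit end the process without a reply, and none of the three addresses the wrong-value case that method 4 removes.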