From owner-freebsd-security Thu Dec 16 22:30:16 1999 Delivered-To: freebsd-security@freebsd.org Received: from oracle.dsuper.net (oracle.dsuper.net [205.205.255.1]) by hub.freebsd.org (Postfix) with ESMTP id CB39C15081 for ; Thu, 16 Dec 1999 22:29:01 -0800 (PST) (envelope-from bmilekic@dsuper.net) Received: from oracle.dsuper.net (oracle.dsuper.net [205.205.255.1]) by oracle.dsuper.net (8.9.3/8.9.3) with ESMTP id BAA32255; Fri, 17 Dec 1999 01:28:58 -0500 (EST) Date: Fri, 17 Dec 1999 01:28:58 -0500 (EST) From: Bosko Milekic To: jason schwab Cc: freebsd-security@FreeBSD.ORG Subject: Re: !!!really, really big problem with *BSD!!! In-Reply-To: <19991217060946.67059.qmail@hotmail.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 17 Dec 1999, jason schwab wrote: !>I was surfing the net and talking on irc, as usual, I see this !>sockopt.c file, my friend sends me it, he tells me it'll lock up !>any openbsd / netbsd / freebsd server, just compile normally and run !>it.. poof locks up... !> !>I tried it on OpenBSD 2.5, OpenBSD 2.6, FreeBSD 3.1-RELEASE, !>FreeBSD 3.2-STABLE, FreeBSD 3.3-RELEASE and FreeBSD 3.3-STABLE !> !>and it WORKED. This situation has been fixed, in two different ways which, for what concerns this particular "problem" (really, it's a resource exhaustion) in -CURRENT: (a) Limit sockbuf size. (b) Code has been added to -CURRENT which will prevent the system from going down. (e.g. panic()). !> !>can we work together on fixxing this? non-root user, just compiles !>and runs, and poof system locks up. !> !>Thanks, !>Jason L. Schwab !> !>(below is the sockopt.c file, also found on www.hack.co.za) !> !><......snip.......> You really should have taken a look at the mailing list archives before switching on the alarm. :-) Bosko. -- Bosko Milekic To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message