Date: Fri, 16 Dec 2005 17:26:43 +0100 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: Kostik Belousov <kostikbel@gmail.com> Cc: Csaba Henk <csaba-ml@creo.hu>, freebsd-current@freebsd.org Subject: Re: Easy DoS Message-ID: <20051216172643.7cb10a57@TP51.local> In-Reply-To: <20051216151016.GE84442@deviant.zoral.local> References: <20051216133448.GA10382@beastie.creo.hu> <20051216151016.GE84442@deviant.zoral.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_BbIMm2NoBmmZdmNvSZPO0E1
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Kostik Belousov <kostikbel@gmail.com> wrote:
> On Fri, Dec 16, 2005 at 02:34:48PM +0100, Csaba Henk wrote:
> > Do
> >=20
> > echo 'main() { write(1, 0, 1); }' > edos.c
> > gcc -o edos edos.c
> > ./edos | cat
> >=20
> > ... and now the edos process gets stuck in the write syscall,
> > unkillably, keeping the CPU spinning. (Seen on my 6.0-RELEASE and
> > 7.0-CURRENT boxen.)
> >=20
> > Is it a bug or a feature?
> >=20
> > Csaba
>=20
> Sure, it is a bug :).
>=20
> Please, try the following patch (against 7-CURRENT,
> shall work for 6-STABLE too):
>=20
> --- src-pristine/sys/kern/sys_pipe.c Mon Jul 11 11:33:58 2005
> +++ src-quotas/sys/kern/sys_pipe.c Fri Dec 16 17:03:01 2005
> @@ -1176,6 +1176,8 @@
> ("Pipe buffer overflow"));
> }
> pipeunlock(wpipe);
> + if (error !=3D 0)
> + break;
> } else {
> /*
> * If the "read-side" has been blocked, wake
> it up now.
The patch fixed the bug for 5.4-STABLE.
Fabian
--=20
http://www.fabiankeil.de/
--Sig_BbIMm2NoBmmZdmNvSZPO0E1
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
iD8DBQFDourWjV8GA4rMKUQRApHZAKCNxxtSA717ucXIcJCUeN5z93bv2gCgkx6R
/bh1jzj7m/yUHPa5FJKFTc4=
=mL65
-----END PGP SIGNATURE-----
--Sig_BbIMm2NoBmmZdmNvSZPO0E1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051216172643.7cb10a57>