From owner-freebsd-security Sat Jan 22 1: 3:10 2000
Delivered-To: freebsd-security@freebsd.org
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 8A69914CDF for ; Sat, 22 Jan 2000 01:03:06 -0800 (PST) (envelope-from gdonl@tsc.tdk.com)
Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id BAA19728; Sat, 22 Jan 2000 01:03:02 -0800 (PST) (envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id BAA53962; Sat, 22 Jan 2000 01:03:01 -0800 (PST) (envelope-from Don.Lewis@tsc.tdk.com)
Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id BAA16359; Sat, 22 Jan 2000 01:02:59 -0800 (PST)
Message-Id: <200001220902.BAA16359@salsa.gv.tsc.tdk.com>
From: gdonl@tsc.tdk.com (Don Lewis)
Date: Sat, 22 Jan 2000 01:02:59 -0800
In-Reply-To: Brett Glass "Re: stream.c worst-case kernel paths" (Jan 22, 12:29am)
X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98)
To: Brett Glass
Subject: Re: stream.c worst-case kernel paths
Cc: security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Jan 22, 12:29am, Brett Glass wrote:
} Subject: Re: stream.c worst-case kernel paths
} At 11:32 PM 1/21/2000 , Don Lewis wrote:
}
} >Actually, I think TH_SYN+TH_RST should immediately go to "drop",
} >do not pass GO, do not collect $200 ...
}
} You're right. Actually, shouldn't RST- be tossed,
} since you should never reply to a RST?

While you never reply to a RST, reception of a RST can cause the state of a connection to change if the packet passes the appropriate sequence number validation tests. Both bare RST and RST+ACK packets are valid, see RFC 793. I'm pretty sure that RST+FIN and RST+SYN are not valid and should be dropped.

The code should already handle all of this, though the checks are distributed throughout the code instead of being all in one place.
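
Added example (not part of the message above and not FreeBSD kernel code): the RST flag combinations and the RFC 793 sequence-window test discussed in this thread, gathered into one check. The function names and the verdict enum are hypothetical, and only synchronized states are covered (in SYN-SENT a RST is validated by its ACK field instead).

```c
#include <stdbool.h>
#include <stdint.h>

/* TCP header flag bits (RFC 793). */
#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

/* Hypothetical verdicts; V_DROP is always silent, a RST is never answered. */
enum verdict { V_DROP, V_PROCESS, V_RESET_CONN };

/* Modular sequence-space comparison: true if a precedes b. */
static bool seq_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Flag sanity in one place: a RST may travel alone or with ACK,
 * but never together with SYN or FIN. */
bool rst_flags_valid(uint8_t flags)
{
    if (!(flags & TH_RST))
        return true;   /* not a RST; other checks apply elsewhere */
    return (flags & (TH_SYN | TH_FIN)) == 0;
}

/* RFC 793 acceptability test for a RST in a synchronized state: the
 * sequence number must lie in [rcv_nxt, rcv_nxt + rcv_wnd). With a
 * zero window only seq == rcv_nxt is acceptable. */
bool rst_seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)
        return seq == rcv_nxt;
    return !seq_lt(seq, rcv_nxt) && seq_lt(seq, rcv_nxt + rcv_wnd);
}

/* Combined decision for one incoming segment. */
enum verdict classify_segment(uint8_t flags, uint32_t seq,
                              uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (!rst_flags_valid(flags))
        return V_DROP;                      /* RST+SYN, RST+FIN */
    if (flags & TH_RST)                     /* bare RST or RST+ACK */
        return rst_seq_in_window(seq, rcv_nxt, rcv_wnd)
                   ? V_RESET_CONN : V_DROP;
    return V_PROCESS;                       /* normal segment handling */
}
```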