[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-inetutils] bug fix for inetutils-1.6/inetd/inetd.c

From: Winston
Subject: [bug-inetutils] bug fix for inetutils-1.6/inetd/inetd.c
Date: Wed, 28 Jan 2009 22:30 EST

  This bug has been around for decades.  I'm amazed it hasn't already
been fixed.  :)

The bug:
   In inetd, in the "server failing (looping), service terminated"
   situation, the file descriptor opened by the accept() call for
   nowait/SOCK_STREAM services isn't closed.

   inetd could run out of free file descriptors, allowing a denial of
   service via repeatedly evoking the bug with a flood of requests.

Suggested patch:
--- gnu-inetd.c~        2008-12-27 13:50:35.000000000 -0500
+++ gnu-inetd.c 2009-01-28 22:06:02.000000000 -0500
@@ -2026,6 +2026,8 @@
                                "%s/%s server failing (looping), service 
                                sep->se_service, sep->se_proto);
                        close_sep (sep);
+                       if (!sep->se_wait && sep->se_socktype == SOCK_STREAM)
+                          close (ctrl);
                        signal_unblock (NULL);
                        if (!timingout)

   If you agree with the patch, please pass it on to the BSD folks, too.
I don't have their bug submission address.  HTH,

reply via email to

[Prev in Thread] Current Thread [Next in Thread]