[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-inetutils] bug fix for inetutils-1.6/inetd/inetd.c
|
From: |
Winston |
|
Subject: |
[bug-inetutils] bug fix for inetutils-1.6/inetd/inetd.c |
|
Date: |
Wed, 28 Jan 2009 22:30 EST |
This bug has been around for decades. I'm amazed it hasn't already
been fixed. :)
The bug:
In inetd, in the "server failing (looping), service terminated"
situation, the file descriptor opened by the accept() call for
nowait/SOCK_STREAM services isn't closed.
Consequence:
inetd could run out of free file descriptors, allowing a denial of
service via repeatedly evoking the bug with a flood of requests.
Suggested patch:
------------------------------
--- gnu-inetd.c~ 2008-12-27 13:50:35.000000000 -0500
+++ gnu-inetd.c 2009-01-28 22:06:02.000000000 -0500
@@ -2026,6 +2026,8 @@
"%s/%s server failing (looping), service
terminated",
sep->se_service, sep->se_proto);
close_sep (sep);
+ if (!sep->se_wait && sep->se_socktype == SOCK_STREAM)
+ close (ctrl);
signal_unblock (NULL);
if (!timingout)
{
------------------------------
If you agree with the patch, please pass it on to the BSD folks, too.
I don't have their bug submission address. HTH,
-WBE
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug-inetutils] bug fix for inetutils-1.6/inetd/inetd.c,
Winston <=