d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7ed9f6ceaf
freebsd-dev/lib
History
wpaul 5dfe53a812 Change the sanity test here. It's not correct to assume that the record 
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.

The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.

Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.

That you very much Sun, may I have another.
1998-05-20 15:56:11 +00:00
..
compat This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
csu Force BOOTSTRAP mode all the time while the headers are broken on alpha 1998-05-04 02:06:09 +00:00
libalias o Support a compile-time -DNO_FW_PUNCH for portability 1998-04-19 21:42:07 +00:00
libbind Build libbind for named and friends (not installed in /usr/lib) 1998-05-03 05:04:21 +00:00
libc Change the sanity test here. It's not correct to assume that the record 1998-05-20 15:56:11 +00:00
libc_r Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libcalendar .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq 1998-03-19 07:34:22 +00:00
libcom_err This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libcompat .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq 1998-03-19 07:34:22 +00:00
libcrypt This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libcurses .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq 1998-03-19 07:34:22 +00:00
libdisk Add new NetBSD FFS with FDISK partition ID 0xa9 1998-05-19 11:15:44 +00:00
libedit .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq 1998-03-19 07:34:22 +00:00
libf2c Resurrect exit.c 1998-04-29 22:43:18 +00:00
libF77 Resurrect exit.c 1998-04-29 22:43:18 +00:00
libftpio Correctly figure out that the remove cannot do passive mode. 1998-04-11 07:28:53 +00:00
libgnumalloc This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libI77 This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libipx This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libkse Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libkvm Fixed bugs in the conversion of kvm to to use procfs in rev.1.3. All 1998-01-16 16:45:05 +00:00
libm This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libmd Split the padding out into a separate function. 1998-03-27 10:23:00 +00:00
libmytinfo When printf'ing the result of pointer arithmetic, cast the result to 1998-01-13 03:07:10 +00:00
libncurses Low level use of 'vidattr()' can cause a NULL pointer to be 1998-05-15 21:35:53 +00:00
libopie This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libpam/modules .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 07:48:45 +00:00
libpcap Simplified by using new yacc rules. 1998-05-08 06:43:07 +00:00
libpthread Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libresolv This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
librpcsvc Toss publickey.c in the attic and remove it from the Makefile. 1998-05-18 21:59:53 +00:00
libscsi This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libskey Add warning about interaction of S/Key and login(1) for users without S/Key 1998-05-18 09:36:31 +00:00
libss Remove a 'const' because it was getting thrown away anyway. 1998-05-10 23:48:18 +00:00
libtcl Regenerate (install tclAppInit.c in the installhdrs step). 1998-03-23 13:21:35 +00:00
libtelnet This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libtermcap The __set_ospeed() function is coded against the speed_t type declared 1998-05-05 21:54:26 +00:00
libutil Oops, revert part of a diff that wasn't supposed to have been committed. 1998-04-28 07:02:33 +00:00
libvgl .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq 1998-03-19 07:34:22 +00:00
libxpg4 This library builds from libc source, so it also needs to know what 1998-05-18 04:41:07 +00:00
liby This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00
libz Backup out the last commit, it was already there. 1998-04-17 08:31:07 +00:00
msun There is no alpha asm code like on i386, so all the functions that 1998-05-10 23:46:01 +00:00
ncurses/ncurses Renamed the generated include file keys.tries to keys.tries.h so 1998-03-20 16:50:08 +00:00
Makefile libtcl now builds (with lots of pointer to int cast warnings) on alpha. 1998-05-13 22:54:03 +00:00
Makefile.inc This commit was manufactured by cvs2svn to create branch 'jb'. 1998-01-11 03:30:40 +00:00