From 0873af5d5f53c45b1e30cab2918571289e59045a Mon Sep 17 00:00:00 2001 From: "Chris D. Faulhaber" Date: Fri, 6 Apr 2001 14:34:15 +0000 Subject: [PATCH] Do not log every potential exploit attempt since a denial-of-service may result. --- contrib/ntp/ntpd/ntp_control.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/contrib/ntp/ntpd/ntp_control.c b/contrib/ntp/ntpd/ntp_control.c index e8ae30ba4fff..f8371a1636d5 100644 --- a/contrib/ntp/ntpd/ntp_control.c +++ b/contrib/ntp/ntpd/ntp_control.c @@ -1656,17 +1656,8 @@ ctl_getitem( cp++; while (cp < reqend && *cp != ',') { *tp++ = *cp++; - if (tp >= buf + sizeof(buf)) { - msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n", - (ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff, - (ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff, - (ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff, - (ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff, - ntohs(rmt_addr->sin_port) -); - + if (tp >= buf + sizeof(buf)) return (0); - } } if (cp < reqend) cp++;