d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1ce4aec2b4
freebsd-nq/lib/libc
History
Bill Paul 1ce4aec2b4 Change the sanity test here. It's not correct to assume that the record 
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.

The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.

Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.

That you very much Sun, may I have another.
1998-05-20 15:56:11 +00:00
..
alpha Remove a big hack after adding a small one to libc/gen/getcwd.c to 1998-05-15 12:01:06 +00:00
amd64 Use the thread-aware errno definition all the time. 1998-05-05 22:07:02 +00:00
compat-43 Don't imply sigset_t == int. 1998-05-03 22:27:29 +00:00
db Sorted lists. 1997-10-21 08:41:15 +00:00
gen NetBSD doesn't have a __getcwd syscall, so set have__getcwd to `no' 1998-05-15 11:59:00 +00:00
gmon These files are very specific to FreeBSD kernels, so silently compile 1998-03-09 04:42:19 +00:00
i386 Use the thread-aware errno definition all the time. 1998-05-05 22:07:02 +00:00
include Remove leading underscores from the FILE lock functions that POSIX 1998-05-05 22:02:29 +00:00
locale Add reference to catopen(3) 1998-04-30 16:07:54 +00:00
net Resolve some unexpected differences when comparing with the 2.2 version. 1998-05-02 15:51:54 +00:00
nls Add reference to setlocale(3) 1998-04-30 16:11:50 +00:00
quad Change MACHINE references to MACHINE_ARCH. 1998-02-20 08:23:55 +00:00
regex int -> long changes that reduce the diffs with the NetBSD version to 1998-05-14 21:45:18 +00:00
rpc Replace the getpublickey() stub with the real thing. 1998-05-18 21:59:15 +00:00
stdio Remote the NetBSD kludge for vfprintf.c 1998-05-08 05:17:11 +00:00
stdlib This is a hack to workaround source that is coded to use long variables 1998-05-08 05:41:57 +00:00
stdtime Remove 'of type long' from a sentence talking about four 4-byte values 1998-05-10 21:21:01 +00:00
string Cast a pointer to a long, not an int before masking it. 1998-05-10 21:22:47 +00:00
sys kill.1: Remove reference to obsolete sigvec(2) man page. Removed 1998-05-18 03:33:11 +00:00
xdr Change the sanity test here. It's not correct to assume that the record 1998-05-20 15:56:11 +00:00
yp Fixed the usual missing dependencies on headers generated by rpcgen. 1998-05-09 15:10:53 +00:00
Makefile Add an include path to private linc/libc_r/libpthread header files. 1998-03-09 06:16:38 +00:00
Makefile.inc Define empty variables in case no names are added to them. This avoids 1998-03-09 06:21:41 +00:00