freebsd-skq/lib
Bill Paul 1ce4aec2b4 Change the sanity test here. It's not correct to assume that the record
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.

The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.

Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.

That you very much Sun, may I have another.
1998-05-20 15:56:11 +00:00
..
compat
csu Force BOOTSTRAP mode all the time while the headers are broken on alpha 1998-05-04 02:06:09 +00:00
libalias o Support a compile-time -DNO_FW_PUNCH for portability 1998-04-19 21:42:07 +00:00
libbind Build libbind for named and friends (not installed in /usr/lib) 1998-05-03 05:04:21 +00:00
libc Change the sanity test here. It's not correct to assume that the record 1998-05-20 15:56:11 +00:00
libc_r Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libcalendar
libcom_err
libcompat
libcrypt
libcurses
libdisk Add new NetBSD FFS with FDISK partition ID 0xa9 1998-05-19 11:15:44 +00:00
libedit
libf2c Resurrect exit.c 1998-04-29 22:43:18 +00:00
libF77 Resurrect exit.c 1998-04-29 22:43:18 +00:00
libftpio Correctly figure out that the remove cannot do passive mode. 1998-04-11 07:28:53 +00:00
libgnumalloc
libI77
libipx
libkse Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libkvm
libm
libmd
libmytinfo
libncurses Low level use of 'vidattr()' can cause a NULL pointer to be 1998-05-15 21:35:53 +00:00
libopie
libpam/modules
libpcap Simplified by using new yacc rules. 1998-05-08 06:43:07 +00:00
libpthread Treat the lock value as volatile. 1998-05-05 21:47:58 +00:00
libresolv
librpcsvc Toss publickey.c in the attic and remove it from the Makefile. 1998-05-18 21:59:53 +00:00
libscsi
libskey Add warning about interaction of S/Key and login(1) for users without S/Key 1998-05-18 09:36:31 +00:00
libss Remove a 'const' because it was getting thrown away anyway. 1998-05-10 23:48:18 +00:00
libtcl
libtelnet
libtermcap The __set_ospeed() function is coded against the speed_t type declared 1998-05-05 21:54:26 +00:00
libutil Oops, revert part of a diff that wasn't supposed to have been committed. 1998-04-28 07:02:33 +00:00
libvgl
libxpg4 This library builds from libc source, so it also needs to know what 1998-05-18 04:41:07 +00:00
liby
libz Backup out the last commit, it was already there. 1998-04-17 08:31:07 +00:00
msun There is no alpha asm code like on i386, so all the functions that 1998-05-10 23:46:01 +00:00
ncurses/ncurses
Makefile libtcl now builds (with lots of pointer to int cast warnings) on alpha. 1998-05-13 22:54:03 +00:00
Makefile.inc