The Samba-Bugzilla – Attachment 9231 Details for
Bug 10158
netbios related samba process consume 100% CPU
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch
0001-libcli-continue-to-read-from-the-socket-even-if-the-.patch (text/plain), 1.11 KB, created by
Matthieu Patou
on 2013-09-19 18:31:20 UTC
(
hide
)
Description:
Proposed patch
Filename:
MIME Type:
Creator:
Matthieu Patou
Created:
2013-09-19 18:31:20 UTC
Size:
1.11 KB
patch
obsolete
>From 6477f69080b453f8ca9213565657cdc79f173fe8 Mon Sep 17 00:00:00 2001 >From: Matthieu Patou <mat@matws.net> >Date: Thu, 19 Sep 2013 11:18:32 -0700 >Subject: [PATCH] libcli: continue to read from the socket even if the size is > 0 > >This is an issue found by Codenomicon, with a malicious packet with 0 >bytes UDP payload we will continiously be looping trying to react from >the socket event and continiously do nothing as we will bail out >thinking that we had a memory allocation error. > >Original fix comes from Volker Lendecke <vl@samba.org> > >Signed-off-by: Matthieu Patou <mat@matws.net> >--- > source4/libcli/dgram/dgramsocket.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source4/libcli/dgram/dgramsocket.c b/source4/libcli/dgram/dgramsocket.c >index 3f06dc7..cd6d3e4 100644 >--- a/source4/libcli/dgram/dgramsocket.c >+++ b/source4/libcli/dgram/dgramsocket.c >@@ -48,7 +48,7 @@ static void dgm_socket_recv(struct nbt_dgram_socket *dgmsock) > } > > blob = data_blob_talloc(tmp_ctx, NULL, dsize); >- if (blob.data == NULL) { >+ if ((dsize != 0) && (blob.data == NULL)) { > talloc_free(tmp_ctx); > return; > } >-- >1.8.1.2 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9231">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
vl
:
review+
Actions:
View
Attachments on
bug 10158
: 9231