Recent full disclosure post - Local DOS
    Egoitz Aurrekoetxea Aurre 
    egoitz at ramattack.net
       
    Thu Feb  3 16:35:30 UTC 2011
    
    
  
Hi all,
So then, this just crashes in current? Else... is it known which kernel NIC drivers cause this? I have attempted to crash an 8.1-release on a VMware Fusion virtual machine without success...
Thanks a lot!
Bye!
On 31/01/2011, at 23:40, Lawrence Stewart wrote:
> On 01/29/11 11:30, Christian Peron wrote:
>> On Fri, Jan 28, 2011 at 02:27:18PM -0500, John Baldwin wrote:
>> [..]
>>> ===================================================================
>>> --- tcp_usrreq.c	(revision 218018)
>>> +++ tcp_usrreq.c	(working copy)
>>> @@ -1330,7 +1330,8 @@ tcp_ctloutput(struct socket *so, struct sockopt *s
>>> 				tp->t_flags |= TF_NOPUSH;
>>> 			else {
>>> 				tp->t_flags &= ~TF_NOPUSH;
>>> -				error = tcp_output(tp);
>>> +				if (TCPS_HAVEESTABLISHED(tp->t_state))
>>> +					error = tcp_output(tp);
>>> 			}
>>> 			INP_WUNLOCK(inp);
>>> 			break;
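Review bot: the new TCPS_HAVEESTABLISHED() check in the else branch carries no comment saying why tcp_output() must be skipped before the connection is established; a one-line comment above the `if` would keep a later cleanup from removing it. Also, when the check is false, `error` is no longer assigned in this branch, so confirm it is already zero at that point rather than relying on the skipped call to set it. TF_NOPUSH is still cleared unconditionally, which looks intended, but it is worth stating in the commit message.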
>> 
>> I was thinking of correcting it the same way.. I might even do something
>> like:
>> 
>> 	else {
>> 		if (tp->t_flags & TF_NOPUSH) {
>> 			tp->t_flags &= ~TF_NOPUSH;
>> 			if (TCPS_HAVEESTABLISHED(tp->t_state))
>> 				error = tcp_output(tp);
>> 		}
>> 	}
>> 
>> By default, this mask is not set.. so un-setting it and calling tcp_output() 
>> if it was not already set seems wasteful
> 
> Apologies for tuning in late, but FWIW I concur and think the above
> patch is appropriate.
> 
> Cheers,
> Lawrence
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"