Re: Recent full disclosure post - Local DOS
Hi all!,
I have seen the patch has been applied in releng_7_4, releng_8_2, =
stable, head... but not in releng_8_1 or releng_8_0... is it planned to =
be applied too on this branches??
Thanks a lot.
Bye!
El 03/02/2011, a las 17:19, Egoitz Aurrekoetxea Aurre escribi=F3:
> Hi all,
>=20
> So then, this just crashes in current?? else... is it known which =
kernel nic drivers cause this?. I have attempted to crash a 8.1-release =
on vmware fusion virtual machine without success...
>=20
> Thanks a lot!,
> Bye!
>=20
>=20
> El 31/01/2011, a las 23:40, Lawrence Stewart escribi=F3:
>=20
>> On 01/29/11 11:30, Christian Peron wrote:
>>> On Fri, Jan 28, 2011 at 02:27:18PM -0500, John Baldwin wrote:
>>> [..]
>>>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>>>> --- tcp_usrreq.c (revision 218018)
>>>> +++ tcp_usrreq.c (working copy)
>>>> @@ -1330,7 +1330,8 @@ tcp_ctloutput(struct socket *so, struct =
sockopt *s
>>>> tp->t_flags |=3D TF_NOPUSH;
>>>> else {
>>>> tp->t_flags &=3D ~TF_NOPUSH;
>>>> - error =3D tcp_output(tp);
>>>> + if (TCPS_HAVEESTABLISHED(tp->t_state))
>>>> + error =3D tcp_output(tp);
>>>> }
>>>> INP_WUNLOCK(inp);
>>>> break;
>>>=20
>>> I was thinking of correcting it the same way.. I might even do =
something
>>> like:
>>>=20
>>> else {
>>> if (tp->t_flags & TF_NOPUSH) {
>>> tp->t_flags &=3D ~TF_NOPUSH;
>>> if (TCPS_HAVEESTABLISHED(tp->t_state))
>>> error =3D tcp_output(tp);
>>> }
>>> }
>>>=20
>>> By default, this mask is not set.. so un-setting it and calling =
tcp_output()=20
>>> if it was not already set seems wasteful
>>=20
>> Apologies for tuning in late, but FWIW I concur and think the above
>> patch is appropriate.
>>=20
>> Cheers,
>> Lawrence
>> _______________________________________________
>> freebsd-security@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-security
>> To unsubscribe, send any mail to =
"freebsd-security-unsubscribe@freebsd.org"
>=20
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to =
"freebsd-security-unsubscribe@freebsd.org"
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 12 之 12 篇):