netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

ip6 udp panic from accept

from [David Jeffery] [Permanent Link][Original]
To: netdev@xxxxxxxxxxx
Subject: ip6 udp panic from accept
From: David Jeffery <lordbeatnik@xxxxxxxxxxxxxx>
Date: Sat, 12 Feb 2000 11:04:30 -0800
Sender: owner-netdev@xxxxxxxxxxx 
It appears that the strange non-fatal udp panic I have been able to produce is 
caused by socktest illegally trying to call accept() on an ip6 udp socket. ip4 
correctly returns an error while ip6 panics.  illegally calling listen() though 
correctly returns an error under ip6.  So somewhere in the ip6 code accept is 
failing to check that the socket is a tcp socket.

To exploit it, just bind a udp port, and then call accept on it.  The program 
segfaults and the port becomes "stuck" and can't be successfully bound to again.

If someone wants a sample program that does this, or a panic trace, let me know.

David "LordBeatnik" Jeffery
----------------------
Do you do Linux? :) 
Get your FREE @linuxstart.com email address at: http://www.linuxstart.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Same question on i2.2 kernel, but for ipv6 stack code, kuznet
Next by Date:  [patch] nf6 for 2.3.44, David Jeffery
Previous by Thread:  sit configuration, Behcet Sarikaya
Next by Thread:  Re: ip6 udp panic from accept, David S. Miller
Indexes:  [Date] [Thread] [Top] [All Lists]