Bugtraq mailing list archives
Re: pingflood.c
From: sinster () DARKWATER COM (sinster () DARKWATER COM)
Date: Mon, 18 May 1998 13:00:38 -0700
Sprach "Aggelos P. Varvitsiotis" <avarvit () CC ECE NTUA GR>: [... info about non-root pingflood snipped ....]
Verified it on SunOS 5.5.1. Basically, it is so simple that it should work on any Unix box. The "bug" in ping's code is that the code naively assumes the SIGALRM is system-generated (due to a previous alarm() call). At least on SunOS 5.5.1, sigaction(2) can be used to examine the source of the SIGALRM (e.g. check that (siginfo_t *)si->si_code > 0 -- (siginfo_t *)si is returned to the signal handler if the sa_flags member of the struct sigaction passed to sigaction() has the SA_SIGINFO bit set). I am not sure how this can be implemented on other systems.
A simple fix that'll work on all systems I've encountered is simply to call time() in the signal handler and make sure that it's different from the last time time() was called. That'll automatically limit you to 1s pings no matter how many signals you get. Of course, you had better be checking to make sure that time() isn't erroring out with errno=EAGAIN on those systems where time() can do that... :)

--
Jon Paul Nollmann ne' Darren Senn sinster () darkwater com
Unsolicited commercial email will be archived at $1/byte/day.
Wasurenaide -- doko e itte mo soko ni iru yo.
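Added example, not part of the original thread and not taken from any ping source: a SIGALRM handler that combines the two mitigations discussed above, the si_code check from the quoted message and the one-send-per-second time() check from the reply. The names should_send, on_alarm and install_alarm_handler are hypothetical, and the si_code test assumes a platform where user-sent signals carry si_code <= 0, as the quoted message describes for SunOS 5.5.1.

```c
/* Added example: hardened SIGALRM handling for a ping-style sender. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

static volatile sig_atomic_t send_due; /* set by handler, cleared by main loop */
static time_t last_send;               /* second of the last accepted alarm */

/* Decide whether one SIGALRM may trigger a send.
 * si_code <= 0 : treated as sent by another process (assumption above).
 * now == -1    : time() failed, so refuse rather than send unthrottled.
 * now == *last : a send already happened in this wall-clock second. */
int should_send(int si_code, time_t now, time_t *last)
{
    if (si_code <= 0 || now == (time_t)-1 || now == *last)
        return 0;
    *last = now;
    return 1;
}

/* SA_SIGINFO handler: only raises a flag; the actual send stays in main(). */
static void on_alarm(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)ctx;
    if (should_send(si->si_code, time(NULL), &last_send))
        send_due = 1;
}

int install_alarm_handler(void)
{
    struct sigaction sa = { .sa_flags = SA_SIGINFO };
    sa.sa_sigaction = on_alarm;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGALRM, &sa, NULL);
}

int main(void)
{
    if (install_alarm_handler() != 0) return 1;
    for (int i = 0; i < 3; i++) {
        alarm(1);
        pause();  /* wakes on any signal; only accepted alarms set send_due */
        if (send_due) { send_due = 0; puts("send one echo request (placeholder)"); }
    }
    return 0;
}
```
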