Re: possible gnome remote overflow

[sopwith () REDHAT COM (Elliot Lee)]

On Mon, 18 Oct 1999, Ryan Permeh wrote:

> ok, i was playing around with netcat, and expiereinced the following
> issue(i attempted with stock RH 6.0 gnome dist, and october release
> gnome dist). not certain where the problem lies, my guess is somewhere
> within gnome-ses, but i'm not certain, as my core debug skills are a
> bit weak.
>
> to make the problem recur:
>
> 1. use nmap (remote) or lsof (local) to discern what port gnome-ses
> is running on.
>
>     it is a port > 1024, and i've seen it range between
> 1350 and 2100.
> 2. use netcat to send data to the port in the following manner:
>     nc host.example.org 1353 < /boot/vmlinuz | nc host.example.org 1353
>
> this dumps the kernel image to the gnome-ses port(it is likely not 1353
> on your box, it dynamically picks a port at startup)
>  and it dumps the output from the gnome-ses port to another connection
> of the gnome-ses port.  It doesn't matter what you
> dump, as long as it is somewhat large.

Owen Taylor has diagnosed the cause of the problem.

Basically, the first 'nc' in the pipeline is just being used to generate
ICE error messages. These are being sent as input to another ICE
connection. The default libICE action when an error message is received is
to exit(1), thus the experienced behaviour.

-- Elliot                                       http://developer.gnome.org/
The first thing a programmer needs to admit is that any program is by far
more complex than his own mind. Thats why he partitions it into neat
pieces and avoids complexity.