FreeBSD listen() again

3APA3A (3APA3ASECURITY.NNOV.RU)
Sat, 30 Oct 1999 17:08:52 +0400

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Blue Boar: "Re: AIM 3.0"
• Previous message: W.H.J.Pinckaers: "Re: Possibly exploitable overflow in Alibaba 2.0"
• Next in thread: Sebastian: "Re: FreeBSD listen() again"
• Reply: Sebastian: "Re: FreeBSD listen() again"

Hello vulN-DEV,

 I wasn't right in defining the problem for backlog in listen()

  as it was correctly pointed by Sebastian <scutnb.in-berlin.de>:

-=-=-=-=-
For some unknown reasons berkeley derived implementations multiply backlog
with 1.5. (backlog = 5 will turn to 8 for example).
-=-=-=-=-

  It seems real queue length is counted as
     backlog + (backlog+1)>>1

  that's why listen(sock, 1) will never work as it should. It will
  allow to establish 2 connections. It's for both FreeBSD 2.2.x and
  3.x, so the problem is even deeper.

         /\_/\
        { . . } |\
+--oQQo->{ ^ }<-----+ \
| 3APA3A U 3APA3A }
+-------------o66o--+ /
                    |/
X5O!X5O!PAP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

• Next message: Blue Boar: "Re: AIM 3.0"
• Previous message: W.H.J.Pinckaers: "Re: Possibly exploitable overflow in Alibaba 2.0"
• Next in thread: Sebastian: "Re: FreeBSD listen() again"
• Reply: Sebastian: "Re: FreeBSD listen() again"

This archive was generated by hypermail 2.0b3 on Sat Oct 30 1999 - 16:24:39 CDT