Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 88838 Details for
Bug 136222
games-action/0verkill: DoS with a short UDP packet
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
0verkill-0.16-underflow-check.patch
0verkill-0.16-underflow-check.patch (text/plain), 675 bytes, created by
SpanKY
on 2006-06-10 05:49:33 UTC
(
hide
)
Description:
0verkill-0.16-underflow-check.patch
Filename:
MIME Type:
Creator:
SpanKY
Created:
2006-06-10 05:49:33 UTC
Size:
675 bytes
patch
obsolete
>The vulnerability is cause due to an integer underflow error in "recv_packet()" >within the handling of a received UDP packet. This can be exploited to cause >out-of-bounds memory access which crashes the server process via a UDP packet >that is smaller than 12 bytes in size. > >http://bugs.gentoo.org/136222 > >--- 0verkill-0.16/net.c >+++ 0verkill-0.16/net.c >@@ -84,6 +84,7 @@ > p=mem_alloc(max_len+12); > if (!p)return -1; /* not enough memory */ > retval=recvfrom(fd,p,max_len+12,0,addr,addr_len); >+ if (retval<12)return -1; /* not enough data from network */ > memcpy(packet,p+12,max_len); > crc=p[0]+(p[1]<<8)+(p[2]<<16)+(p[3]<<24); > s=p[4]+(p[5]<<8)+(p[6]<<16)+(p[7]<<24);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=88838">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 136222
: 88838
