Re: [bug-GNUnet] Security bug in GNUnet
From: Christian Grothoff
Subject: Re: [bug-GNUnet] Security bug in GNUnet
Date: Wed, 10 May 2006 22:14:30 -0700
User-agent: KMail/1.9.1

Hi!
Thanks for reporting this, I believe I have corrected the problem in SVN
revision #2781 (the diff should appear under that number at
http://lists.gnu.org/archive/html/gnunet-svn/2006-05/threads.html
shortly).
Just for my curiosity, did you find this one by code inspection or by actually
observing the bug in practice?
Again, thanks!
Christian
On Wednesday 10 May 2006 11:14, Luigi Auriemma wrote:
> Hey,
>
> I want to report a security bug I have found in GNUnet (tested both
> 0.7.0d and revision 2758).
>
> The bug is very simple and is an infinite loop in the UDP section of
> GNUnet.
> In short, the usage of FIONREAD for handling the asynchronous socket
> creates problems when a packet of 0 bytes is received: the program will
> no longer be able to handle incoming packets and the CPU reaches
> 100% usage.
>
> Testing the bug is very simple, just send a packet of 0 bytes to
> port 2086 of the program.
> There is a tool on my website which makes the job easy:
>
> http://aluigi.org/testz/udpsz.zip
>
> udpsz 127.0.0.1 2068 0
>
> (if the link doesn't work, copy it into the browser's bar).
>
> I await your reply.
>
>
> BYEZ
>
>
> ---
> Luigi Auriemma
> http://aluigi.org
> http://mirror.aluigi.org
>
>
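
The failure mode reported above, as an added example that is not GNUnet's code and not the fix from revision 2781: a generic select()/FIONREAD receive handler (an assumed shape) next to one that always calls recvfrom(). It assumes Linux, where FIONREAD on a UDP socket reports the size of the next datagram, so an empty datagram reads as 0; all function names are hypothetical.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* 1 if select() reports fd readable within 200 ms, else 0. */
static int readable(int fd) {
    fd_set rs; struct timeval tv = {0, 200000};
    FD_ZERO(&rs); FD_SET(fd, &rs);
    return select(fd + 1, &rs, NULL, NULL, &tv) == 1;
}
/* Fragile pattern (assumed shape): trust FIONREAD, skip the read on 0.
   Returns 1 if a datagram was dequeued, 0 if it was left in the queue. */
static int handle_fionread(int fd) {
    int pending = 0; char buf[2048];
    if (ioctl(fd, FIONREAD, &pending) < 0 || pending <= 0)
        return 0;                 /* the empty datagram stays queued */
    return recvfrom(fd, buf, sizeof buf, 0, NULL, NULL) >= 0;
}
/* Hardened: once select() says readable, always dequeue one datagram.
   A recvfrom() result of 0 is a valid empty datagram, not "no data". */
static int handle_always_recv(int fd) {
    char buf[2048];
    return recvfrom(fd, buf, sizeof buf, MSG_DONTWAIT, NULL, NULL) >= 0;
}
/* Constructed test on a loopback socket: queue one empty datagram, run the
   fragile handler `rounds` times, count wakeups that made no progress.
   Returns that count, or -1 if the hardened handler did not clear the queue. */
int demo_spin(int rounds) {
    struct sockaddr_in a; socklen_t len = sizeof a; int wasted = 0;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET; a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    bind(fd, (struct sockaddr *)&a, sizeof a);      /* ephemeral port */
    getsockname(fd, (struct sockaddr *)&a, &len);
    sendto(fd, "", 0, 0, (struct sockaddr *)&a, sizeof a);
    for (int i = 0; i < rounds; i++)
        if (readable(fd) && !handle_fionread(fd)) wasted++;
    int cleared = handle_always_recv(fd) && !readable(fd);
    close(fd);
    return cleared ? wasted : -1;
}
int main(void) { printf("wasted wakeups: %d\n", demo_spin(5)); return 0; }
```

In a real event loop the wasted wakeups are unbounded, which is the 100% CPU symptom; the hardened handler ends it because the empty datagram is actually removed from the socket queue.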