Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 1 | From b9f56d578ebfd649b5d829960540859ac6ca931c Mon Sep 17 00:00:00 2001 |
| 2 | From: Catalin Enache <catalin.enache@windriver.com> |
| 3 | Date: Tue, 12 Apr 2016 18:23:31 +0300 |
| 4 | Subject: [PATCH] Add patch to limit the value of an fd we accept for a |
| 5 | connection. |
| 6 | |
| 7 | By limiting the highest value we accept for an fd we limit the number |
| 8 | of connections. |
| 9 | |
| 10 | Upstream-Status: Backport |
| 11 | CVE: CVE-2016-2774 |
| 12 | |
| 13 | Author: Shawn Routhier <sar@isc.org> |
| 14 | Signed-off-by: Catalin Enache <catalin.enache@windriver.com> |
| 15 | --- |
| 16 | includes/site.h | 6 ++++++ |
| 17 | omapip/listener.c | 9 +++++++-- |
| 18 | 3 files changed, 18 insertions(+), 2 deletions(-) |
| 19 | |
| 20 | diff --git a/includes/site.h b/includes/site.h |
| 21 | index 9c33de3..df020c8 100644 |
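--- a/includes/site.h
+++ b/includes/site.h
@@ -290,6 +290,12 @@
 this option will be removed at some time. */
 /* #define INCLUDE_OLD_DHCP_ISC_ERROR_CODES */
 
+/* Limit the value of a file descriptor the serve will use
+ when accepting a connecting request. This can be used to
+ limit the number of TCP connections that the server will
+ allow at one time. A value of 0 means there is no limit.*/
+#define MAX_FD_VALUE 200
+
 /* Include definitions for various options. In general these
 should be left as is, but if you have already defined one
 of these and prefer your definition you can comment the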
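Review bot: The comment above `MAX_FD_VALUE` should state that the cap is on the descriptor number rather than on a count of connections. Any descriptors the process already holds when a connection arrives (presumably lease files, logging and the listening sockets themselves) count against 200, so the real connection ceiling is lower and differs per deployment. The define is also unconditional, so a site that sets the limit from the build command line gets a redefinition; `#ifndef MAX_FD_VALUE` / `#define MAX_FD_VALUE 200` / `#endif` would allow an override. The comment also reads "the serve" where "the server" is meant.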
| 37 | diff --git a/omapip/listener.c b/omapip/listener.c |
| 38 | index 8bdcdbd..61473cf 100644 |
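--- a/omapip/listener.c
+++ b/omapip/listener.c
@@ -3,7 +3,7 @@
 Subroutines that support the generic listener object. */
 
 /*
- * Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2012,2014,2016 by Internet Systems Consortium, Inc. ("ISC")
 * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC")
 * Copyright (c) 1999-2003 by Internet Software Consortium
 *
@@ -233,7 +233,12 @@ isc_result_t omapi_accept (omapi_object_t *h)
 return ISC_R_NORESOURCES;
 return ISC_R_UNEXPECTED;
 }
-
+
+ if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) {
+ close(socket);
+ return (ISC_R_NORESOURCES);
+ }
+
 #if defined (TRACING)
 /* If we're recording a trace, remember the connection. */
 if (trace_record ()) {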
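Review bot: The new guard in omapi_accept refuses the connection silently: when `socket > MAX_FD_VALUE` the descriptor is closed and ISC_R_NORESOURCES is returned with no log line. An operator therefore cannot tell from this path that the limit added for CVE-2016-2774 is being hit, or distinguish it from the accept failure just above, which returns the same code. I would log before the close, for example `log_error ("omapi_accept: fd %d exceeds MAX_FD_VALUE, connection refused", socket);`, with some throttling if this path can be hit repeatedly. Because MAX_FD_VALUE is a compile-time constant, the `MAX_FD_VALUE != 0` test could instead be an `#if MAX_FD_VALUE != 0` around the block. omapi_accept begins and ends outside the hunk, so how the caller treats the return value is not visible here.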
| 64 | -- |
| 65 | 2.7.4 |