From 22b36bc76e6cb62c9cd29f3f988060d80af834c8 Mon Sep 17 00:00:00 2001
From: wpaul <wpaul@FreeBSD.org>
Date: Fri, 15 May 1998 22:53:47 +0000
Subject: Patch RPC library to avoid possible denial of service attacks as
 described recently in BUGTRAQ. If a stream oriented transport fails to
 properly decode an RPC message header structure where there should be one, it
 should mark the stream as dead so that the connection will be dropped.

---
 lib/libc/rpc/svc_tcp.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lib/libc/rpc/svc_tcp.c')

diff --git a/lib/libc/rpc/svc_tcp.c b/lib/libc/rpc/svc_tcp.c
index 1387ee1..bafa6c3 100644
--- a/lib/libc/rpc/svc_tcp.c
+++ b/lib/libc/rpc/svc_tcp.c
@@ -30,7 +30,7 @@
 #if defined(LIBC_SCCS) && !defined(lint)
 /*static char *sccsid = "from: @(#)svc_tcp.c 1.21 87/08/11 Copyr 1984 Sun Micro";*/
 /*static char *sccsid = "from: @(#)svc_tcp.c	2.2 88/08/01 4.0 RPCSRC";*/
-static char *rcsid = "$Id: svc_tcp.c,v 1.8 1996/12/30 15:19:08 peter Exp $";
+static char *rcsid = "$Id: svc_tcp.c,v 1.11 1997/05/28 05:05:30 wpaul Exp $";
 #endif
 
 /*
@@ -404,6 +404,7 @@ svctcp_recv(xprt, msg)
 		cd->x_id = msg->rm_xid;
 		return (TRUE);
 	}
+	cd->strm_stat = XPRT_DIED;	/* XXXX */
 	return (FALSE);
 }
 
-- 
cgit v1.1