Author: delphij
Date: Tue Oct 21 20:20:26 2014
New Revision: 273413
URL: https://svnweb.freebsd.org/changeset/base/273413
Log:
Fix routed(8) remote denial of service vulnerability. [SA-14:21]
Modified:
stable/8/sbin/routed/input.c
Modified: stable/8/sbin/routed/input.c
==============================================================================
--- stable/8/sbin/routed/input.c Tue Oct 21 20:20:17 2014
(r273412)
+++ stable/8/sbin/routed/input.c Tue Oct 21 20:20:26 2014
(r273413)
@@ -288,6 +288,10 @@ input(struct sockaddr_in *from, /* rece
/* Answer a query from a utility program
* with all we know.
*/
+ if (aifp == NULL) {
+ trace_pkt("ignore remote query");
+ return;
+ }
if (from->sin_port != htons(RIP_PORT)) {
supply(from, aifp, OUT_QUERY, 0,
rip->rip_vers, ap != 0);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
