Bugs item #1799135, was opened at 2007-09-20 22:11
Message generated for change (Comment added) made by cito
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=104866&aid=1799135&group_id=4866
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: WebKit
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Patrick TJ McPhee (ptjm)
>Assigned to: Christoph Zwerschke (cito)
Summary: WebKit crash with socket error 53 during nmap scan
Initial Comment:
I see this problem with Webware-0.9.3 but I expect it exists in earlier
revisions. Our operating system is NetBSD 3.1
An nmap scan can crash a WebKit-based application. e.g.,
nmap -sT -p12345 myhost
Causes our application to fail with this traceback
Traceback (most recent call last):
File "/path/to/Webware/WebKit/ThreadedAppServer.py", line 926, in run
server.mainloop()
File "/path/to/Webware/WebKit/ThreadedAppServer.py", line 258, in mainloop
client, addr = sock.accept()
File "/usr/pkg/lib/python2.4/socket.py", line 169, in accept
sock, addr = self._sock.accept()
error: (53, 'Software caused connection abort')
So far as I know, the best way to handle this error is to retry the accept. I
attach a patch which does this.
----------------------------------------------------------------------
>Comment By: Christoph Zwerschke (cito)
Date: 2007-10-28 11:18
Message:
Logged In: YES
user_id=193957
Originator: NO
Thanks for the bug report. I could not reproduce this under Windows and
Linux where I could not provoke any exceptions from socket.accept() using
nmap. Either NetBSD or your nmap version seems to behave differently.
I have fixed the problem anyway in r7062, but instead of retrying the
accept, I simply ignore it, because retrying may open the door for DOS
attacks.
Can you check my fix on your NetBSD box?
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2007-09-21 05:07
Message:
Logged In: NO
errno.EGAIN and errno.EINTR had better be handled as well?
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=104866&aid=1799135&group_id=4866
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Webware-devel mailing list
Webware-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/webware-devel
