routed

Xin LI Wed, 05 Aug 2015 15:06:12 -0700

Author: delphij
Date: Wed Aug  5 22:05:07 2015
New Revision: 286349
URL: https://svnweb.freebsd.org/changeset/base/286349


Log:
  Fix routed remote denial of service vulnerability. [SA-15:19]

Modified:
  stable/9/sbin/routed/input.c

Modified: stable/9/sbin/routed/input.c
==============================================================================
--- stable/9/sbin/routed/input.c        Wed Aug  5 22:05:02 2015        
(r286348)
+++ stable/9/sbin/routed/input.c        Wed Aug  5 22:05:07 2015        
(r286349)
@@ -160,6 +160,12 @@ input(struct sockaddr_in *from,            /* rece
 
        trace_rip("Recv", "from", from, sifp, rip, cc);
 
+       if (sifp == 0) {
+               trace_pkt("    discard a request from an indirect router"
+                   " (possibly an attack)");
+               return;
+       }
+
        if (rip->rip_vers == 0) {
                msglim(&bad_router, FROM_NADDR,
                       "RIP version 0, cmd %d, packet received from %s",
_______________________________________________
svn-src-stable-9@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-stable-9
To unsubscribe, send any mail to "svn-src-stable-9-unsubscr...@freebsd.org"

svn commit: r286349 - stable/9/sbin/routed

Reply via email to