Re: NetBSD Security Advisory 1999-001: select(2)/accept(2)

From: Luigi Pugnetti (plat_private)
Date: Wed Jan 20 1999 - 10:25:15 PST

Next message: Craig Anderson: "Re: Outlook 98 Security "Feature""

Previous message: Steven M. Bellovin: "Re: Personal web server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Luke Mewburn wrote:
>
> * Connection is initiated by client; 3WHS completes.
> * Server process is awakened and select(2) succeeds.
> * Connection is closed by client (e.g. by sending a RST).  Connection
>   is removed from accept(2) queue on server.
> * Server process does an accept(2), which hangs waiting for a
>   connection.
>
> This scenario is sometimes difficult to reproduce, particularly if the
> server is very fast and the network is relatively slow.  It is most
> effective if the server is slow and/or must do a lot of work between
> the select(2) and accept(2).
>
>
> 1) Modify all TCP servers to use non-blocking listening sockets.
>    Unfortunately, this requires changing a large amount of code, much
>    of it maintained by third parties.

This problem (and solution 1) was described  by W. R. Stevens in Unix
Network Programming vol 1, second edition,  sec. 15.6

--
Luigi Pugnetti

Next message: Craig Anderson: "Re: Outlook 98 Security "Feature""
Previous message: Steven M. Bellovin: "Re: Personal web server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:29:29 PDT