svn commit: r273413 - stable/8/sbin/routed

[Xin LI]

Author: delphij
Date: Tue Oct 21 20:20:26 2014
New Revision: 273413
URL: https://svnweb.freebsd.org/changeset/base/273413

Log:
  Fix routed(8) remote denial of service vulnerability. [SA-14:21]

Modified:
  stable/8/sbin/routed/input.c

Modified: stable/8/sbin/routed/input.c
==============================================================================
--- stable/8/sbin/routed/input.c        Tue Oct 21 20:20:17 2014        
(r273412)
+++ stable/8/sbin/routed/input.c        Tue Oct 21 20:20:26 2014        
(r273413)
@@ -288,6 +288,10 @@ input(struct sockaddr_in *from,            /* rece
                                /* Answer a query from a utility program
                                 * with all we know.
                                 */
+                               if (aifp == NULL) {
+                                       trace_pkt("ignore remote query");
+                                       return;
+                               }
                                if (from->sin_port != htons(RIP_PORT)) {
                                        supply(from, aifp, OUT_QUERY, 0,
                                               rip->rip_vers, ap != 0);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"