[Bug 293000] Re: hardy: openssh-server oom_adj can lead to denial of service

Mon, 30 May 2011 14:55:56 -0700 

Hi all,

I have recently came up against this problem myself, and have fixed /
submitted a patch to the openssh development team. Here is the original
report:


So I modified the code to try and repair this oom_adj problem...

port-linux.c:
line 235: //static int oom_adj_save = INT_MIN;
line 236: static int oom_adj_save = 0;
line 277: verbose("Set %s to %d - sleepycal", OOM_ADJ_PATH, oom_adj_save);


I then ran compiled the package, ran SSHd, and yet we still have -17 in 
oom_adj_save. Wtf? Now, I'm not much of a C coder, but this is weird even in my 
books...

May 30 22:18:19 vicky sshd[12825]: Set /proc/self/oom_adj to -17 -
sleepycal

So, I went all out crazy, and did the following patch:

        static int sleepycal_oom_adj_save = 0;
        verbose("sleepycal_oom_adj_save=%d", sleepycal_oom_adj_save);

        if (fprintf(fp, "%d\n", sleepycal_oom_adj_save) <= 0)
                verbose("error writing %s: %s", OOM_ADJ_PATH, strerror(errno));
        else
                verbose("Set %s to %d - sleepycal", OOM_ADJ_PATH, 
sleepycal_oom_adj_save);

And it worked!!! :)

May 30 22:27:12 vicky sshd[2532]: sleepycal_oom_adj_save=0
May 30 22:27:12 vicky sshd[2532]: Set /proc/self/oom_adj to 0 - sleepycal

root@vicky:~/openssh-5.5p1# cat /proc/2532/oom_adj
0

So, it turns out that it is actually OpenSSH which is broken, after
almost 3 days of frustrating digging through millions of lines of code
lol. Anyways, would appreciate if someone could get this merged into
master (obv rename the vars if you want).

Attached is the appropriate patch file as of openssh-5.5p1

Cal


** Patch added: "oom_patch_for_openssh-5.5p1_by_sleepycal.patch"
   
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/293000/+attachment/2148347/+files/oom_patch_for_openssh-5.5p1_by_sleepycal.patch

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/293000

Title:
  hardy: openssh-server oom_adj can lead to denial of service

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to