All of lore.kernel.org
 help / color / mirror / Atom feed
From: Tore Anderson <tore@linpro.no>
To: linux-kernel@vger.kernel.org
Subject: [BUG] scheduling while atomic when lseek()ing in /proc/net/tcp
Date: Fri, 28 Nov 2003 00:05:35 +0100	[thread overview]
Message-ID: <1069974335.14367.17.camel@echo.linpro.no> (raw)


  Hi,

  The following code instantly freezes my all of my machines running 
 any of the beavers:

    #include <sys/types.h>
    #include <sys/stat.h>
    #include <fcntl.h>
    #include <unistd.h>
    #include <stdio.h>

    int main(void) {
            char buf[8192];
            int fd, chars;
            fd = open("/proc/net/tcp", O_RDONLY);
            chars = read(fd, buf, sizeof(buf));
            lseek(fd, -chars+1, SEEK_CUR);
            close(fd);
            return 0;
    }

  It only happens when I lseek() anywhere from -chars+1 to -chars+150
 inclusive (in other words, somewhere on the first line).  I do not
 need root to abuse this, which makes it an excellent DoS attack for
 anyone with an unprivileged account.

  I do get an oops, but as I do not have a serial console I'd rather
 not transcribe it to paper and post it unless it's crucial to
 pinpointing the bug.

-- 
Tore Anderson


             reply	other threads:[~2003-11-27 23:05 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-11-27 23:05 Tore Anderson [this message]
2003-11-28  6:19 ` [BUG] scheduling while atomic when lseek()ing in /proc/net/tcp Raj
2003-11-28 17:12 ` OGAWA Hirofumi
2003-11-30  4:42   ` David S. Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1069974335.14367.17.camel@echo.linpro.no \
    --to=tore@linpro.no \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.