Hello, If any of you out there upgraded to 0.4.6 recently then this patch will interest you. Just before the release some bugs crept in to the ip-defragmentation code which can cause firestorm to crash. To fix the problem either apply the patch or disable the ipfrag preprocessor (not recommended). -- // Gianni Tedesco (gianni at ecsc dot co dot uk) 8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
diff -u firestorm/decode_plugins/ipfrag.c firestorm/decode_plugins/ipfrag.c
--- firestorm/decode_plugins/ipfrag.c 15 Aug 2002 12:47:54 -0000 1.10
+++ firestorm/decode_plugins/ipfrag.c 29 Aug 2002 12:35:53 -0000
@@ -394,16 +394,17 @@
* arrive after the timeout because that
* is suspicious (read: evasive) */
ipfrag_timedout(pkt);
+ ipq_kill(qp);
return 0;
}
/* Check other timeouts */
while ( ipq_oldest ){
+ if ( ipfrag_expire(pkt, ipq_oldest) ) break;
+
/* this can't kill qp from under us because
* we already know we haven't timed out */
- if ( !ipfrag_expire(pkt, ipq_oldest) ) {
- ipq_kill(qp);
- }else break;
+ ipq_kill(ipq_oldest);
}
/* Move to front heuristic */
Attachment:
signature.asc
Description: This is a digitally signed message part