Hello, If any of you out there upgraded to 0.4.6 recently then this patch will interest you. Just before the release some bugs crept in to the ip-defragmentation code which can cause firestorm to crash. To fix the problem either apply the patch or disable the ipfrag preprocessor (not recommended). -- // Gianni Tedesco (gianni at ecsc dot co dot uk) 8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
diff -u firestorm/decode_plugins/ipfrag.c firestorm/decode_plugins/ipfrag.c --- firestorm/decode_plugins/ipfrag.c 15 Aug 2002 12:47:54 -0000 1.10 +++ firestorm/decode_plugins/ipfrag.c 29 Aug 2002 12:35:53 -0000 @@ -394,16 +394,17 @@ * arrive after the timeout because that * is suspicious (read: evasive) */ ipfrag_timedout(pkt); + ipq_kill(qp); return 0; } /* Check other timeouts */ while ( ipq_oldest ){ + if ( ipfrag_expire(pkt, ipq_oldest) ) break; + /* this can't kill qp from under us because * we already know we haven't timed out */ - if ( !ipfrag_expire(pkt, ipq_oldest) ) { - ipq_kill(qp); - }else break; + ipq_kill(ipq_oldest); } /* Move to front heuristic */
Attachment:
signature.asc
Description: This is a digitally signed message part