From 0cff82e054cea6b473dcfa6de840ece7327ef6ca Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 5 Jan 2011 14:34:04 +0100 Subject: s3: Limit the number of unexpected packets per client to 10 Non-reading clients could maliciously make nmbd allocate memory --- source3/libsmb/unexpected.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3') diff --git a/source3/libsmb/unexpected.c b/source3/libsmb/unexpected.c index ce1e31dc59..7ec5800e69 100644 --- a/source3/libsmb/unexpected.c +++ b/source3/libsmb/unexpected.c @@ -672,6 +672,14 @@ static void nb_packet_client_send(struct nb_packet_client *client, struct nb_packet_client_state *state; struct tevent_req *req; + if (tevent_queue_length(client->out_queue) > 10) { + /* + * Skip clients that don't listen anyway, some form of DoS + * protection + */ + return; + } + state = TALLOC_ZERO_P(client, struct nb_packet_client_state); if (state == NULL) { DEBUG(10, ("talloc failed\n")); -- cgit