[Openswan Users] Pluto restart caused by incoming packet possible DOS
Paul Wouters
paul at xelerance.com
Thu Apr 30 19:27:04 EDT 2009
On Thu, 30 Apr 2009, Erich Titl wrote:
>>> Apr 30 08:57:27 gatekeeper-internal pluto[1143]: FATAL ERROR: packet
>>> from 80.238.212.245:47156: unable to malloc 0 bytes for message buffer
>>> in comm_handle()
>>
>> Are you sure your server did not just leak memory and run out of RAM?
>> That's what the error implies.
>
> The server definitely did not run out of memory, I am running cacti
> against it and the graph does not show anything alike. Also these
> servers typically run 7x24 for months and years with many tunnels open
> and I never saw anything alike.

Well, check the code...

    void
    comm_handle(const struct iface_port *ifp)
    {
        static struct msg_digest *md;

        md = alloc_md();

Note that nothing of the packet is actually used here, and you crashed.
You did not crash on a malicious packet, you crashed due to an internal
problem.

But without a core file or other data, there is not much to post mortem
on.

Paul