qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-18 17:54:57 -07:00
Code Releases Activity

syscall: workaround accept() bug on Darwin

Browse Source 
Darwin kernels have a bug in accept() where error result from
an internal call is not checked and socket is accepted instead
of ECONNABORTED error. However, such sockets have no sockaddr,
which results in EAFNOSUPPORT error from anyToSockaddr, making
Go http servers running on Mac OS X easily susceptible to
denial of service from simple port scans with nmap.
Fixes #3849.

R=golang-dev, adg, mikioh.mikioh
CC=golang-dev
https://golang.org/cl/6456045
This commit is contained in:
Alexey Borzenkov 2012-07-30 09:02:24 +10:00 committed by Andrew Gerrand
parent b4402a49b6
commit 5197fa8040
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/pkg/syscall/syscall_bsd.go
View File

@ -303,6 +303,14 @@ func Accept(fd int) (nfd int, sa Sockaddr, err error) {
if err != nil {
return
}
if len == 0 {
// Accepted socket has no address.
// This is likely due to a bug in xnu kernels,
// where instead of ECONNABORTED error socket
// is accepted, but has no address.
Close(nfd)
return 0, nil, ECONNABORTED
}
sa, err = anyToSockaddr(&rsa)
if err != nil {
Close(nfd)