Re: pingflood.c

[avarvit () CC ECE NTUA GR (Aggelos P. Varvitsiotis)]

> /*
>
>    pingflood.c by (AntireZ) Salvatore Sanfilippo <md5330 () mclink it>
>    enhanced by David Welton <davidw () cks com>
>    I tested it only on Linux RedHat 4.1 and 5.0.
>    David Welton tested it on Debian GNU/Linux and OpenBSD reporting
> it           works.
>
>    This program is free software; you can redistribute it and/or modify
>    it under the terms of the GNU General Public License as published by
>    the Free Software Foundation; version 2 of the License.
[64 lines deleted]

Verified it on SunOS 5.5.1. Basically, it is so simple that it
should work on any Unix box. The "bug" in ping's code is that
the code naively assumes the SIGALRM is system-generated (due
to a previous alarm() call). At least on SunOS 5.5.1, sigaction(2)
can be used to examine the source of the SIGALRM (e.g. check
that (siginfo_t *)si->si_code > 0 -- (siginfo_t *)si is returned
to the signal handler if the sa_flags member of the struct sigaction
passed to sigaction() has the SA_SIGINFO bit set). I am not sure
how this can be implemented on other systems.

BTW, how many setuid programs are there that will catch various
signals and will behave "not-as-expected" when forked off by a
signal-bomber parent process, such as pingflood?

a.varvitsiotis () iccs ntua gr                     A.Varvitsiotis
                                             ICCS Computer Center
                                      National Technical University of Athens