Using realloc to remove MAX_LISTEN_SOCKS limit on sshd.c
Ben Lindstrom
mouring at eviladmin.org
Tue Dec 23 17:30:11 EST 2008
On Dec 21, 2008, at 11:34 AM, Peter Teoh wrote:
> Dan Armstrong wrote:
>> OpenSSH developers,
>>
>> I have removed the fixed, arbitrary limit on the number of
>> ListenAddress allowed by using realloc to dynamically expand
>> listen_socks as needed. This completely removes MAX_LISTEN_SOCKS
>> from
>> the source. I made this change on the version of OpenSSH shipped
>> with
>> CentOS 5.2, version 4.3p2. Please see the attached .c file and .diff
>> file. Please add these changes to OpenSSH to save people from having
>> to predetermine their workload before compilation. It can also save
>> some people some grief - I've been unable to login to a server
>> because
>> of this one.
>
> Sorry if I may ask the risks of this option - will it not lead to any
> potential scenario of Denial of Service, if some how the number of
> ListenAddress can be arbitrarily increase without limit, and thus
> leading to realloc() allocating large amount of memory?
>
I can't see how this would be a "DoS", since ListenAddress must be set
by the server on launch. One can flood a single port just as easy as
they can flood multiple ports.
I'm still trying to figure out why one would want OpenSSH listening on
more than 15 ports/address combination. Is it really worth the added
complexity?
- Ben
More information about the openssh-unix-dev
mailing list