[JDEV] DoS on server component

Federico Lucifredi flucifredi at acm.org
Wed May 15 17:16:45 CDT 2002


Hello All,
    While I was typing one of countless telnet probes on a server component
I am trying to develop, I casually managed to DOS my own server... in a
quite unexpected way.

    Note that this is quite a minor issue to patch ... but it is unexpected,
at least to me....

    My code is modeled after DJ Adams' example of an RSS news agent, and for
the purpose of this discussion, I'll use his:

http://mailman.jabber.org/pipermail/jadmin/2002-March/004458.html

Let's take the jabber:iq:browse handler as an example:

sub iq_browse {
   my $node = shift;
   debug("[iq_browse]");
   return unless my $query = $node->getTag('', NS_BROWSE)
             and $node->attr('type', IQ_GET);
   debug("--> browse request");
   $node = toFrom($node);
   $node->attr('type', IQ_RESULT);
    #   my $rss = $query->insertTag('service');
    #   $rss->attr('type', 'rss');
    #   $rss->attr('jid', $ID);
    #   $rss->attr('name', $NAME);
    #   $rss->insertTag('ns')->data(NS_REGISTER);
   $c->send($node);
   return r_HANDLED;
}

(I commented out the code proper, so all that this handler does is redirect
the message back to the user and set the IQ-TYPE attribute to result.)

Now, in my sleepiness, I did put in the query

<iq id='browse'
    to='rss.jabber.endorfine.org'
    from='bob@jabber.endorfine.org'
    type='get'>
  <query xmlns='jabber:iq:browse'/>
</iq>

Apparently the unnecessary from attribute confuses the toFrom() function, and
the result is that the message keeps being fed to the component by the
server -

I understand that the from attribute should not be there, but I do not
understand why toFrom() should be messing up this way....

sub toFrom {
   my $node = shift;
   my $to = $node->attr('to');
   $node->attr('to', $node->attr('from'));
   $node->attr('from', $to);
   return $node;
}


It seems to me like it should be swapping things properly... what
originates the loop? Am I still asleep?!

-Federico

_________________________________________
-- "'Problem' is a bleak word for challenge" - Richard Fish

Muad'Dib of Caladan (Federico L. Lucifredi)- flucifredi at acm.org,
http://www.lucifredi.com
