[Secure-testing-team] Bug#718242: [nuttcp] High CPU usage with -R flag

Tim Sattarov timur at sattaroff.name
Mon Jul 29 04:11:24 UTC 2013 

Package: nuttcp
Version: 6.1.2-4
Severity: important
Tags: security
X-Debbugs-CC: secure-testing-team at lists.alioth.debian.org

--- Please enter the report below this line. ---
Hi

When -R flag is used with small limit value nuttcp server spawns a 
child, starts using 100% CPU and closes connection.

below is the example of how to reproduce (assume that nuttcp -S is 
already running)

__BEGIN__

### Starting first client with  -R1k (1 kbit /second)  and -r, inbound

$ nuttcp  -R1k -r -i1 -v localhost
nuttcp-r: v6.1.2: socket
nuttcp-r: buflen=65536, nstream=1, port=5001 tcp
nuttcp-r: interval reporting every 1.00 second
nuttcp-r: accept from 127.0.0.1
nuttcp-r: send window size = 663750, receive window size = 262030
nuttcp-r: available send window = 331875, available receive window = 131015
nuttcp-r: v6.1.2: Error: not receiving data from server

### server unexpectedly closed connection


### one more time

$ nuttcp  -R1k -r -i1 -v localhost
nuttcp-r: v6.1.2: socket
nuttcp-r: buflen=65536, nstream=1, port=5001 tcp
nuttcp-r: interval reporting every 1.00 second
nuttcp-r: accept from 127.0.0.1
nuttcp-r: send window size = 663750, receive window size = 262030
nuttcp-r: available send window = 331875, available receive window = 131015
nuttcp-r: v6.1.2: Error: not receiving data from server

### and one more time

$ nuttcp  -R1k -r -i1 -v localhost
nuttcp-r: v6.1.2: socket
nuttcp-r: buflen=65536, nstream=1, port=5001 tcp
nuttcp-r: interval reporting every 1.00 second
nuttcp-r: accept from 127.0.0.1
nuttcp-r: send window size = 663750, receive window size = 262030
nuttcp-r: available send window = 331875, available receive window = 131015
nuttcp-r: v6.1.2: Error: not receiving data from server

### after that  we have four nuttcp processes running, one parent and 
three children
### Children are using 100% of CPU


$ ps aux | grep nuttcp
root      2409  0.0  0.0   2304   448 ?        Ss   00:00   0:00 nuttcp -S
root      2420 99.0  0.0   2312   596 ?        R    00:00   0:26 nuttcp -S
root      2427  101  0.0   2312   596 ?        R    00:00   0:19 nuttcp -S
root      2430  102  0.0   2312   596 ?        R    00:00   0:16 nuttcp -S


### I see it as upstream bug, because it is reproducible on other 
platforms as well (FreeBSD for example)


--- System information. ---
Architecture: i386
Kernel: Linux 3.10-1-amd64

Debian Release: jessie/sid
800 unstable www.deb-multimedia.org
800 unstable http.us.debian.org
500 stable dl.google.com
1 experimental ftp.us.debian.org

--- Package information. ---
Depends (Version) | Installed
======================-+-===========
libc6 (>= 2.7) | 2.17-7


Package's Recommends field is empty.

Package's Suggests field is empty.



-- 
Thanks
Tim

More information about the Secure-testing-team mailing list