Skip to content

DoS attack on server using services API [CORE1149] #1571

Closed
@firebird-automations

Description

@firebird-automations

Submitted by: @AlexPeshkoff

In case of error, thrown in SVC_start, service handle is deleted (or gds_freed() in old versions). But Y-handle knows nothing about it, and continues to use it if user sends more requests. At least it will be used in SVC_detach().
Results are, certainly, unpredictable. In my case server was successfully shutdown, because byte, which was sometimes svc_do_shutdown, happened to be non-zero.

Commits: 0d7eb34 60e06d5