Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does a Linux socket buffer overflow?

Tags:

linux

networking

linux-kernel

sockets

I have a Java reader application that reads from a multicast socket on a Linux 64-bit platform (2.6.18). The socket size has been set to 2 MB. When the reader cannot read fast enough the socket "overflows", i.e. packets are dropped from the buffer.

What I would like to know is how the Linux kernel drops packets out of the socket buffer. I assume that the socket buffer itself is a FIFO buffer. However, if it is full what happens? Will the next packet be discarded (and the buffer content does not change)? Or will the new packet replace an old packet in the buffer? If yes, which packet (the oldest?, the youngest?, a randomly chosen packet?)?

Thanks for any insight.

like image 489
AtomicJake Avatar asked Jul 08 '10 16:07

AtomicJake

People also ask

What is Linux buffer overflow?

A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.

How does a socket buffer work?

TCP sockets use buffering in the protocol stack. The stack itself implements flow control so that if the server's buffer is full, it will stop the client stack from sending more data. Your code will see this as a blocked call to send() . The buffer size can vary widely from a few kB to several MB.

How does Linux protect against buffer overflow?

There are mainly four methods to protect against buffer overflows: patch the kernel to prevent stack execution. You can use either: Exec-shield, OpenWall or PaX (included in the Grsecurity and Adamantix patches). fix the source code by using tools to find fragments of it that might introduce this vulnerability.

What happens when socket buffer is full?

As the receive buffer becomes full, new data cannot be accepted from the network for this socket and must be dropped, which indicates a congestion event to the transmitting node.

2 Answers

When the buffer is full, incoming packets are discarded. Packets that are already in the buffer are not modified or replaced.

like image 127
JSBձոգչ Avatar answered Oct 03 '22 13:10

JSBձոգչ

Just an addition to the answer by JS Bangs.

This is not the only place in the network stack where packets can be dropped. Socket receive buffer is high in the hierarchy and is specific to the user socket. One other place closer to hardware (at least in Linux) is the queue between the device driver and the NET_RX softirq (see netif_rx().) These drops will contribute to RX-DRP column in netstat -i output.

like image 21
Nikolai Fetissov Avatar answered Oct 03 '22 15:10

Nikolai Fetissov
Sign in to Comment

Related questions

Device node at /dev/tty* not getting created for uart serial driver
Generate LLVM C++ API code as backend
How to build Qt 5 statically
Linux /opt/* folder and permissions [closed]
C# execute a terminal command in linux
undefined reference to '_asan_init_v4' when compiling
Zero-copy user-space TCP send of dma_mmap_coherent() mapped memory
debugging templates with GDB
using "touch" to create directories? [closed]
Merging through fuzzy matching of variables in R
Kernel module compilation and KBUILD_NOPEDANTIC
How do I get Sublime Text 2 package manager to use my proxy?
RedHat daemon function usage
How to read npm ENOENT errors
gdb pretty printing with python a recursive structure
Compile IOS program from linux commandline
Difference between dts and ACPI
Control lifetime of .NET Core console application hosted in docker
segfault during __cxa_allocate_exception in SWIG wrapped library
Would dropping X altogether hurt? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!