--- sock.c.orig Fri Mar 31 23:36:00 2000
+++ sock.c Fri Mar 31 23:36:29 2000
@@ -79,10 +79,6 @@
 * Jay Schulist : Added SO_ATTACH_FILTER and SO_DETACH_FILTER.
 * Andi Kleen : Add sock_kmalloc()/sock_kfree_s()
 * Andi Kleen : Fix write_space callback
- * Lorenzo `Gigi Sullivan' Cavallaro: Temporary Fix to local DoS due to
- * too big buffer (AF_UNIX SOCK_DGRAM).
- * Maybe this will broke something else.
- * I apologize.
 *
 * To Fix:
 *
@@ -570,18 +566,6 @@
 skb->sk = sk;
 return skb;
 }
-
- /*
- * kmalloc (mm/slab.c) checks the size to allocate through a
- * `cache size struct'.
- * If we try to allocate much more then the maximum, just report it
- * backwardly.
- * XXX Will this broke something, like sock_wait_for_wmem()
- * defined here (net/core/sock.c)?
- * Is this the right way ?
- */
-
- sk->err = EMSGSIZE;
 }
 return NULL;
 }
--- af_unix.c.orig Fri Mar 31 23:36:40 2000
+++ af_unix.c Sat Apr 1 00:31:40 2000
@@ -43,6 +43,8 @@
 * number of socks to 2*max_files and
 * the number of skb queueable in the
 * dgram receiver.
+ * Lorenzo `Gigi Sullivan' Cavallaro : Fixed local DoS attack, due to
+ * unchecked sysctl_wmem_max sysctl (I hope) :)
 *
 * Known differences from reference BSD that was tested:
 *
@@ -972,6 +974,16 @@
 if (sock->passcred && !sk->protinfo.af_unix.addr)
 unix_autobind(sock);

+ /*
+ * This should FIX the local DoS attack about sending msgs > sk->sndbuf
+ * Never had time to look the optimization code used for unix_stream,
+ * so, if the buffer we are going to send is > sysctl_wmem_max, just
+ * report an error (Drop the `packet').
+ */
+
+ if (len > sk->sndbuf - 16)
+ return -EMSGSIZE;
+
 skb = sock_alloc_send_skb(sk, len, 0, msg->msg_flags&MSG_DONTWAIT, &err);
 if (skb==NULL)
 goto out;
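Review bot: The added guard `if (len > sk->sndbuf - 16)` in the last af_unix.c hunk uses an unexplained constant, and its comment names `sysctl_wmem_max` while the code tests `sk->sndbuf`. The comment should name the limit actually tested and say what the 16 bytes cover, e.g. `/* reject datagrams that can never fit in sk->sndbuf; 16 = <what the reserve covers> */`. The declarations of `len` and `sk->sndbuf` are outside the hunk; if `len` is unsigned or `sk->sndbuf` can drop below 16, the subtraction makes the comparison unreliable, so `if (sk->sndbuf < 16 || len > sk->sndbuf - 16)` would be safer. The new `return -EMSGSIZE;` sits beside code that exits through `goto out`, and the function starts and ends outside the hunk, so confirm that nothing acquired earlier needs that cleanup. The comment also leaves the stream send path unreviewed, so this bound should be treated as covering the datagram path only.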