From owner-freebsd-bugbusters@FreeBSD.ORG Wed Feb 11 09:30:37 2004 Return-Path: Delivered-To: freebsd-bugbusters@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F3C016A524 for ; Wed, 11 Feb 2004 09:30:37 -0800 (PST) Received: from cicero1.cybercity.dk (cicero1.cybercity.dk [212.242.40.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9D56343D5E for ; Wed, 11 Feb 2004 09:30:28 -0800 (PST) (envelope-from db@TruNet.dk) Received: from user5.cybercity.dk (fxp0.user5.ip.cybercity.dk [212.242.41.51]) by cicero1.cybercity.dk (Postfix) with ESMTP id D20F37E31C7 for ; Wed, 11 Feb 2004 18:30:23 +0100 (CET) Received: from main.trunet.dk (port132.ds1-arsy.adsl.cybercity.dk [212.242.239.73]) by user5.cybercity.dk (Postfix) with SMTP id 6920B3A3070 for ; Wed, 11 Feb 2004 18:30:23 +0100 (CET) Date: Wed, 11 Feb 2004 18:35:45 +0100 From: db To: bugbusters@FreeBSD.org Message-Id: <20040211183545.6084a53c@main.trunet.dk> X-Mailer: Sylpheed version 0.9.8claws (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: New port: security/lockdown "Hardening system for FreeBSD" X-BeenThere: freebsd-bugbusters@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Coordination of the Problem Report handling effort. List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2004 17:30:37 -0000 http://www.freebsd.org/send-pr.html is not working (keep saying "Incorrect safety code"), so I'll just copy-past what I wrote: -------------------------------------------- Your Electronic Mail Address: db@TruNet.dk Your Name: Daniel Blankensteiner One line summary of the problem: New port: security/lockdown "Hardening system for FreeBSD" Category: Ports Severity: Non-critical Priority: Low Class: Change-request Full Description: Lockdown is a hardening system written in C++ for FreeBSD and released under the BSD license. For more info please read: http://lockdown.trunet.dk/ I'm sorry, but I can't seem to find an "attach" button on this page. So I will just give you a link to the file (I hope I've done it right): http://lockdown.trunet.dk/lockdown --------------------------------------------------- Best regards Daniel Blankensteiner From owner-freebsd-bugbusters@FreeBSD.ORG Wed Feb 11 12:19:43 2004 Return-Path: Delivered-To: freebsd-bugbusters@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 30FE116A4CE for ; Wed, 11 Feb 2004 12:19:43 -0800 (PST) Received: from rdsnet.ro (smtp.rdsnet.ro [62.231.74.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4F8B343D1D for ; Wed, 11 Feb 2004 12:19:42 -0800 (PST) (envelope-from itetcu@apropo.ro) Received: (qmail 20324 invoked from network); 11 Feb 2004 20:07:49 -0000 Received: from unknown (HELO it.buh.cameradicommercio.ro) (81.196.25.19) by mail.rdsnet.ro with SMTP; 11 Feb 2004 20:07:48 -0000 Received: from it.buh.cameradicommercio.ro (localhost.buh.cameradicommercio.ro [127.0.0.1]) by it.buh.cameradicommercio.ro (Postfix) with SMTP id B04DA5D; Wed, 11 Feb 2004 22:09:38 +0200 (EET) Date: Wed, 11 Feb 2004 22:09:38 +0200 From: Ion-Mihai Tetcu To: db Message-Id: <20040211220938.1e8cce4d@it.buh.cameradicommercio.ro> In-Reply-To: <20040211183545.6084a53c@main.trunet.dk> References: <20040211183545.6084a53c@main.trunet.dk> X-Mailer: Sylpheed version 0.9.8claws (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: bugbusters@FreeBSD.org Subject: Re: New port: security/lockdown "Hardening system for FreeBSD" X-BeenThere: freebsd-bugbusters@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Coordination of the Problem Report handling effort. List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2004 20:19:43 -0000 On Wed, 11 Feb 2004 18:35:45 +0100 db wrote: > http://www.freebsd.org/send-pr.html is not working (keep saying > "Incorrect safety code"), so I'll just copy-past what I Please use send-pr(1) or sysutils/gtk-send-pr; if you can't so that please send the message to ports@ -- IOnut Unregistered ;) FreeBSD user From owner-freebsd-bugbusters@FreeBSD.ORG Wed Feb 11 10:41:25 2004 Return-Path: Delivered-To: freebsd-bugbusters@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 08F3016A4CE for ; Wed, 11 Feb 2004 10:41:25 -0800 (PST) Received: from beeblebrox.norr.worldnet.se (unknown [212.217.248.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id A2C9343D1D for ; Wed, 11 Feb 2004 10:41:24 -0800 (PST) (envelope-from christer.oberg@texonet.com) Received: from dim2ygqpjbo6c7 (user-212-247-242-84.ornskoldsvik.com [212.247.242.84]) by beeblebrox.norr.worldnet.se (Postfix) with SMTP id 748B91DCFF for ; Wed, 11 Feb 2004 19:50:15 +0100 (CET) Message-ID: <000901c2d248$8a6ca750$54f2f7d4@dim2ygqpjbo6c7> From: =?iso-8859-1?Q?Christer_=D6berg?= To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0005_01C2D205.7B750050" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailman-Approved-At: Thu, 12 Feb 2004 05:18:08 -0800 X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Overflows in libatm X-BeenThere: freebsd-bugbusters@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Coordination of the Problem Report handling effort. List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Wed, 11 Feb 2004 18:41:25 -0000 X-Original-Date: Tue, 11 Feb 2003 19:40:50 -0800 X-List-Received-Date: Wed, 11 Feb 2004 18:41:25 -0000 This is a multi-part message in MIME format. ------=_NextPart_000_0005_01C2D205.7B750050 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable There are some overflows in libatm, hopefully the attached diffs takes = care of the problem.=20 Oh and keep up the good work, I love FreeBSD :) Best regards, Christer ------=_NextPart_000_0005_01C2D205.7B750050 Content-Type: application/octet-stream; name="ioctl_subr.c.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="ioctl_subr.c.diff" --- /usr/src/lib/libatm/ioctl_subr.c Tue Jul 29 13:35:03 2003=0A= +++ ioctl_subr.c Tue Feb 11 17:11:19 2003=0A= @@ -161,7 +161,7 @@=0A= air.air_opcode =3D AIOCS_INF_VCC;=0A= bzero(air.air_vcc_intf, sizeof(air.air_vcc_intf));=0A= if (intf !=3D NULL && strlen(intf) !=3D 0)=0A= - strcpy(air.air_vcc_intf, intf);=0A= + strncpy(air.air_vcc_intf, intf, IFNAMSIZ-1);=0A= =0A= buf_len =3D do_info_ioctl(&air, buf_len);=0A= =0A= @@ -375,7 +375,7 @@=0A= air.air_opcode =3D AIOCS_INF_CFG;=0A= bzero ( air.air_cfg_intf, sizeof(air.air_cfg_intf));=0A= if ( intf !=3D NULL && strlen(intf) !=3D 0 )=0A= - strcpy ( air.air_cfg_intf, intf );=0A= + strncpy ( air.air_cfg_intf, intf, IFNAMSIZ-1);=0A= =0A= buf_len =3D do_info_ioctl ( &air, buf_len );=0A= =0A= @@ -411,7 +411,7 @@=0A= air.air_opcode =3D AIOCS_INF_INT;=0A= bzero ( air.air_int_intf, sizeof(air.air_int_intf));=0A= if ( intf !=3D NULL && strlen(intf) !=3D 0 )=0A= - strcpy ( air.air_int_intf, intf );=0A= + strncpy ( air.air_int_intf, intf, IFNAMSIZ-1);=0A= =0A= buf_len =3D do_info_ioctl ( &air, buf_len );=0A= =0A= @@ -448,7 +448,7 @@=0A= air.air_opcode =3D AIOCS_INF_NIF;=0A= bzero ( air.air_int_intf, sizeof(air.air_int_intf) );=0A= if ( intf !=3D NULL && strlen(intf) !=3D 0 )=0A= - strcpy ( air.air_int_intf, intf );=0A= + strncpy ( air.air_int_intf, intf, IFNAMSIZ-1);=0A= =0A= buf_len =3D do_info_ioctl ( &air, buf_len );=0A= =0A= ------=_NextPart_000_0005_01C2D205.7B750050 Content-Type: application/octet-stream; name="ip_addr.c.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="ip_addr.c.diff" --- /usr/src/lib/libatm/ip_addr.c Tue Jul 29 13:51:53 2003=0A= +++ ip_addr.c Tue Feb 11 12:27:11 2003=0A= @@ -35,6 +35,7 @@=0A= *=0A= */=0A= =0A= +#include =0A= #include =0A= #include =0A= #include =0A= @@ -118,7 +119,7 @@=0A= const char *=0A= format_ip_addr(const struct in_addr *addr)=0A= {=0A= - static char host_name[128];=0A= + static char host_name[MAXHOSTNAMELEN+18];=0A= char *ip_num;=0A= struct hostent *ip_host;=0A= =0A= @@ -148,10 +149,8 @@=0A= /*=0A= * Return host name followed by dotted decimal address=0A= */=0A= - strcpy(host_name, ip_host->h_name);=0A= - strcat(host_name, " (");=0A= - strcat(host_name, ip_num);=0A= - strcat(host_name, ")");=0A= + snprintf(host_name, sizeof(host_name), "%s (%s)", =0A= + ip_host->h_name, ip_num);=0A= return(host_name);=0A= } else {=0A= /*=0A= ------=_NextPart_000_0005_01C2D205.7B750050-- From owner-freebsd-bugbusters@FreeBSD.ORG Sat Feb 14 08:59:16 2004 Return-Path: Delivered-To: freebsd-bugbusters@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0703F16A4CE for ; Sat, 14 Feb 2004 08:59:16 -0800 (PST) Received: from netlx010.civ.utwente.nl (netlx010.civ.utwente.nl [130.89.1.92]) by mx1.FreeBSD.org (Postfix) with ESMTP id 446A743D1D for ; Sat, 14 Feb 2004 08:59:15 -0800 (PST) (envelope-from r.s.a.vandomburg@student.utwente.nl) Received: from gog (gog.student.utwente.nl [130.89.165.107]) i1EGxBK09818 for ; Sat, 14 Feb 2004 17:59:11 +0100 Message-Id: <200402141659.i1EGxBK09818@netlx010.civ.utwente.nl> From: "Roderick van Domburg" To: Date: Sat, 14 Feb 2004 17:59:23 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.3790.0 Thread-Index: AcPzG+Ue2eJyZS8yTxmCrLwCnEcgzQ== X-UTwente-MailScanner-Information: Scanned by MailScanner. Contact helpdesk@ITBE.utwente.nl for more information. X-UTwente-MailScanner: Found to be clean Subject: Request to assign kern/61544 X-BeenThere: freebsd-bugbusters@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Coordination of the Problem Report handling effort. List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Feb 2004 16:59:16 -0000 Hi there! I submitted kern/61544 about ip6fw breakage on January 18th: basically, ip6fw rejects all traffic no matter what and so IPv6 can only be used without a firewall. I've looked for obvious CVS commits that might have caused the breakage but haven't found anything. I hope someone more knowledgeable can take a look at this! Thanks in advance, Roderick