Date:      Wed, 26 Mar 2003 08:15:37 -0600
From:      D J Hawkey Jr <hawkeyd@visi.com>
To:        Uros Juvan <uros.juvan@arnes.si>
Cc:        security at FreeBSD <freebsd-security@freebsd.org>
Subject:   Re: what actually uses xdr_mem.c?
Message-ID:  <20030326081537.C17610@sheol.localdomain>
In-Reply-To: <3E81AF6C.3060705@arnes.si>; from uros.juvan@arnes.si on Wed, Mar 26, 2003 at 02:47:24PM +0100
References:  <Pine.LNX.4.43.0303252144400.21019-100000@pilchuck.reedmedia.net> <20030326102057.GC657@zi025.glhnet.mhn.de> <20030326061041.A17052@sheol.localdomain> <20030326130056.GD657@zi025.glhnet.mhn.de> <20030326071637.A17385@sheol.localdomain> <3E81AF6C.3060705@arnes.si>

On Mar 26, at 02:47 PM, Uros Juvan wrote:
> 
> Idea is cool, but it just won't work on statically linked files, you can 
> test this with:
> 
> # readelf -a /bin/ls

Oh, man!

It seems as though my command requires that a statically-linked binary
has "relocation sections" (whatever they are), at the very least.

> I don't think there is 100% way of telling whether statically linked file 
> is linked against vulnerable xdr_mem.o, especially because obviously 
> rcsid string is undefined in source file.
> Except of course searching for machine bytes composing vulnerable code :)

It appears that you're correct. Bummer for me, as I've put out that
command a couple of times now. I _hate_ looking stupid in public,
especially when I think I've done something really smart.  :-(

> Regards,
> Uros Juvan

Thanks for hitting me with the Clue Stick. I'll shut up now.
Dave

-- 
  ______________________                         ______________________
  \__________________   \    D. J. HAWKEY JR.   /   __________________/
     \________________/\     hawkeyd@visi.com    /\________________/
                      http://www.visi.com/~hawkeyd/
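
The limitation discussed in this thread, shown as an added example that is not part of the original message or of any FreeBSD tool: a small ELF reader that reports whether a binary is statically linked and, when a `.symtab` survives, which `xdrmem_*` symbols it carries. The `xdrmem_` prefix as a marker for xdr_mem.o and the names `check_elf` and `verdict` are assumptions of this sketch; a match shows that xdr_mem.o is linked in, not whether that copy is the vulnerable or the fixed one.

```python
import struct
import sys

PT_DYNAMIC, PT_INTERP, SHT_SYMTAB = 2, 3, 2

def check_elf(data, prefix=b"xdrmem_"):      # prefix: assumed marker for xdr_mem.o
    """Return {'static': bool, 'symbols': set of matching names, or None if stripped}."""
    if data[:4] != b"\x7fELF" or data[5] != 1:
        raise ValueError("not a little-endian ELF image")
    is64 = data[4] == 2                      # EI_CLASS: 1 = ELF32, 2 = ELF64
    word, hdr = ("<QQ", 0x20) if is64 else ("<II", 0x1C)
    phoff, shoff = struct.unpack_from(word, data, hdr)
    geom = 0x36 if is64 else 0x2A            # e_phentsize, e_phnum, e_shentsize, e_shnum
    phentsize, phnum, shentsize, shnum = struct.unpack_from("<4H", data, geom)
    # No PT_INTERP and no PT_DYNAMIC segment means the image is statically linked.
    ptypes = {struct.unpack_from("<I", data, phoff + i * phentsize)[0] for i in range(phnum)}
    static = not ptypes & {PT_DYNAMIC, PT_INTERP}

    def section(i):                          # -> sh_type, sh_offset, sh_size, sh_link
        base = shoff + i * shentsize
        sh_type = struct.unpack_from("<I", data, base + 4)[0]
        fmt, at = ("<QQI", 24) if is64 else ("<III", 16)
        return (sh_type, *struct.unpack_from(fmt, data, base + at))
    symbols = None                           # stays None when there is no .symtab
    for i in range(shnum):
        sh_type, off, size, link = section(i)
        if sh_type != SHT_SYMTAB:
            continue
        _, stroff, strsize, _ = section(link)    # sh_link names the string table
        strtab = data[stroff:stroff + strsize]
        symbols = set()
        for sym in range(off, off + size, 24 if is64 else 16):
            name_at = struct.unpack_from("<I", data, sym)[0]   # st_name comes first
            name = strtab[name_at:strtab.find(b"\0", name_at)]
            if name.startswith(prefix):
                symbols.add(name.decode())
    return {"static": static, "symbols": symbols}

def verdict(result):
    if not result["static"]:
        return "dynamic: inspect the shared libc instead"
    if result["symbols"] is None:
        return "static, stripped: symbols cannot answer the question"
    return "static: xdr_mem.o is linked in" if result["symbols"] else "static: no xdrmem_* symbols"

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, "->", verdict(check_elf(fh.read())))
```

Run it with one or more binary paths as arguments; a stripped static binary gets the "cannot answer" verdict, which is the case the thread concludes can only be settled by inspecting the machine code itself.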
