Date: Wed, 26 Mar 2003 08:15:37 -0600 From: D J Hawkey Jr <hawkeyd@visi.com> To: Uros Juvan <uros.juvan@arnes.si> Cc: security at FreeBSD <freebsd-security@freebsd.org> Subject: Re: what actually uses xdr_mem.c? Message-ID: <20030326081537.C17610@sheol.localdomain> In-Reply-To: <3E81AF6C.3060705@arnes.si>; from uros.juvan@arnes.si on Wed, Mar 26, 2003 at 02:47:24PM %2B0100 References: <Pine.LNX.4.43.0303252144400.21019-100000@pilchuck.reedmedia.net> <20030326102057.GC657@zi025.glhnet.mhn.de> <20030326061041.A17052@sheol.localdomain> <20030326130056.GD657@zi025.glhnet.mhn.de> <20030326071637.A17385@sheol.localdomain> <3E81AF6C.3060705@arnes.si>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mar 26, at 02:47 PM, Uros Juvan wrote: > > Idea is cool, but it just won't work on staticaly linked files, you can > test this with: > > # readelf -a /bin/ls Oh, man! It seems as though my command requires that a statically-linked binary has "relocation sections" (whatever they are), at the very least. > I don't think there is 100% way of telling whether staticaly linked file > is linked against vulnerable xdr_mem.o, especially because obviously > rcsid string is undefined in source file. > Exept of course searching for machine bytes composing vulnerable code :) It appears that you're correct. Bummer for me, as I've put out that command a couple of times now. I _hate_ looking stupid in public, especially when I think I've done something really smart. :-( > Regards, > Uros Juvan Thanks for hitting me with the Clue Stick. I'll shut up now. Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030326081537.C17610>