From owner-freebsd-current@FreeBSD.ORG  Wed Jul 16 05:55:23 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id ADF2B37B401; Wed, 16 Jul 2003 05:55:23 -0700 (PDT)
Received: from obsecurity.dyndns.org
	(adsl-64-169-107-199.dsl.lsan03.pacbell.net [64.169.107.199])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 3227443FAF; Wed, 16 Jul 2003 05:55:21 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5])
	by obsecurity.dyndns.org (Postfix) with ESMTP
	id 2A6EB66D32; Wed, 16 Jul 2003 05:55:21 -0700 (PDT)
Received: by rot13.obsecurity.org (Postfix, from userid 1000)
	id 1A197C0E; Wed, 16 Jul 2003 05:55:21 -0700 (PDT)
Date: Wed, 16 Jul 2003 05:55:21 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Marcel Moolenaar <marcel@xcllnt.net>
Message-ID: <20030716125521.GA27790@rot13.obsecurity.org>
References: <20030715185438.GB15674@dhcp01.pn.xcllnt.net>
	<xzpy8yzty2m.fsf@dwp.des.no> <20030715190456.GC15674@dhcp01.pn.xcllnt.net>
	<20030715193518.GA1660@crow.dom2ip.de>
	<20030716010908.GA24218@rot13.obsecurity.org>
	<20030716051103.GB17596@dhcp01.pn.xcllnt.net>
	<20030716051601.GA25527@rot13.obsecurity.org>
	<20030716074337.GA17997@dhcp01.pn.xcllnt.net>
	<20030716085227.GA26428@rot13.obsecurity.org>
	<20030716100506.GA18693@dhcp01.pn.xcllnt.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="ew6BAiZeqk4r7MaW"
Content-Disposition: inline
In-Reply-To: <20030716100506.GA18693@dhcp01.pn.xcllnt.net>
User-Agent: Mutt/1.4.1i
cc: anholt@FreeBSD.org
cc: current@FreeBSD.org
cc: Kris Kennaway <kris@obsecurity.org>
Subject: Re: Fix for rman [was: Re: [-CURRENT tinderbox] ...]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jul 2003 12:55:24 -0000


--ew6BAiZeqk4r7MaW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jul 16, 2003 at 03:05:06AM -0700, Marcel Moolenaar wrote:

> > Hmm, I'm not sure this is the same bug I was seeing, because mine went
> > away when I turned off malloc debugging.
>=20
> Without malloc debugging the chance that the allocated memory has
> zeroes is large(r). Going past the terminating '\0' if it's followed
> by another one then hides the bug. With J, malloc() makes sure the
> allocated memory is not zero and thus exposes the bug.

Sounds plausible.  Good catch!

Kris

--ew6BAiZeqk4r7MaW
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)

iD8DBQE/FUs4Wry0BWjoQKURAh2XAKDJDro31k9oPDPhgSanyOzrmIskvwCeLfls
iPdtkBocrer9OMhPNvmyJiI=
=HvzP
-----END PGP SIGNATURE-----

--ew6BAiZeqk4r7MaW--