From owner-freebsd-security@freebsd.org  Thu Mar 31 20:34:04 2016
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A48BEAE484D
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Thu, 31 Mar 2016 20:34:04 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 946BA1CC1
 for <freebsd-security@FreeBSD.org>; Thu, 31 Mar 2016 20:34:04 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u2VKY45u071147
 for <freebsd-security@FreeBSD.org>; Thu, 31 Mar 2016 20:34:04 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 206761] Kernel stack overflow in sysctl handler for
 kern.binmisc.add
Date: Thu, 31 Mar 2016 20:34:04 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.0-CURRENT
X-Bugzilla-Keywords: needs-patch, needs-qa, security
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: sbruno@FreeBSD.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-206761-5710-0wAEYM8IYK@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-206761-5710@https.bugs.freebsd.org/bugzilla/>
References: <bug-206761-5710@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-Mailman-Approved-At: Thu, 31 Mar 2016 20:58:34 +0000
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2016 20:34:04 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206761

--- Comment #11 from Sean Bruno <sbruno@FreeBSD.org> ---
Without this patch from sson, machine panics as described:

panic: stack overflow detected; backtrace may be corrupted
cpuid =3D 3
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe046ad0c=
b40
vpanic() at vpanic+0x182/frame 0xfffffe046ad0cbc0
panic() at panic+0x43/frame 0xfffffe046ad0cc20
__stack_chk_fail() at __stack_chk_fail+0x12/frame 0xfffffe046ad0cc30
sysctl_kern_binmisc() at sysctl_kern_binmisc+0x7b4/frame 0xfffffe046ad0d8b0
KDB: enter: panic
[ thread pid 16434 tid 101185 ]
Stopped at      kdb_enter+0x3b: movq    $0,kdb_why
db> bt
Tracing pid 16434 tid 101185 td 0xfffff8010054b9a0
kdb_enter() at kdb_enter+0x3b/frame 0xfffffe046ad0cb40
vpanic() at vpanic+0x19f/frame 0xfffffe046ad0cbc0
panic() at panic+0x43/frame 0xfffffe046ad0cc20
__stack_chk_fail() at __stack_chk_fail+0x12/frame 0xfffffe046ad0cc30
sysctl_kern_binmisc() at sysctl_kern_binmisc+0x7b4/frame 0xfffffe046ad0d8b0
db>

--=20
You are receiving this mail because:
You are on the CC list for the bug.=