Date:      Thu, 27 Mar 2003 07:29:42 +0000
From:      Colin Percival <colin.percival@wadham.ox.ac.uk>
To:        "Jeremy C. Reed" <reed@reedmedia.net>, "Jacques A. Vidrine" <nectar@freebsd.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: what actually uses xdr_mem.c?
Message-ID:  <5.0.2.1.1.20030327055355.029c1478@popserver.sfu.ca>
In-Reply-To: <5.0.2.1.1.20030327021835.01e005c8@popserver.sfu.ca>
References:  <Pine.LNX.4.43.0303260803200.21019-100000@pilchuck.reedmedia.net> <20030326140204.GC33671@madman.celabo.org>


At 02:25 27/03/2003 +0000, I wrote:
>   To clarify: I'm not sure if my code worked properly here.  It certainly 
> hasn't missed any files, but it might have introduced false positives -- 
> I was surprised by the number of files it identified as having 
> changed.  I'm currently looking at this in more detail to determine if in 
> fact these are false positives.

   And the answer is, they're not false positives.  libc/xdr/xdr_mem is 
used by libc/rpc/clnt_tcp, which is used by libc/yp/yplib, and that is 
included in:

/bin/csh
/bin/date
/bin/ls
/bin/mv
/bin/pax
/bin/ps
/bin/rcp
/bin/rm
/bin/sh
/bin/tcsh
/bin/unlink
/sbin/atm
/sbin/dhclient
/sbin/dump
/sbin/fastboot
/sbin/fasthalt
/sbin/fsck
/sbin/fsdb
/sbin/halt
/sbin/ifconfig
/sbin/init
/sbin/ip6fw
/sbin/ipf
/sbin/ipfstat
/sbin/ipfw
/sbin/ipmon
/sbin/ipnat
/sbin/mknod
/sbin/mount
/sbin/mount_msdos
/sbin/mount_nfs
/sbin/mount_ntfs
/sbin/mount_nwfs
/sbin/mount_portal
/sbin/mountd
/sbin/natd
/sbin/nfsd
/sbin/nos-tun
/sbin/ping
/sbin/ping6
/sbin/quotacheck
/sbin/rdump
/sbin/reboot
/sbin/restore
/sbin/route
/sbin/routed
/sbin/rrestore
/sbin/rtquery
/sbin/shutdown
/sbin/umount
/sbin/vinum
/usr/bin/tar
/usr/lib/libc.a
/usr/lib/libc.so.4
/usr/lib/libc_p.a
/usr/lib/libc_pic.a
/usr/lib/libc_r.a
/usr/lib/libc_r.so.4
/usr/lib/libc_r_p.a
/usr/libexec/elf/gdb

   Of course, in most (all?) of these cases it would be impossible to 
exploit the xdr bug, but all those files contain the modified code.

Colin Percival
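
The inclusion chain described in the message above (xdr_mem, pulled in through clnt_tcp and yplib), sketched as an added example that is not part of the original e-mail or of any FreeBSD tooling. It resolves undefined symbols against archive members the way a static link does. The `nm`-style listing is constructed, and the member and symbol names in it are illustrative assumptions.

```python
# Added example: constructed `nm`-style listing of a static archive.
# Member and symbol names are illustrative, not taken from a real libc.a.
SAMPLE_NM = """\
xdr_mem.o:
00000000 T xdrmem_create

clnt_tcp.o:
         U xdrmem_create
00000000 T clnttcp_create

yplib.o:
         U clnttcp_create
00000000 T yp_match

getpwent.o:
         U yp_match
00000000 T getpwuid

strlen.o:
00000000 T strlen
"""

def parse_nm(text):
    """Return ({symbol: defining member}, {member: set of undefined symbols})."""
    defined, undefined, member = {}, {}, None
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 1 and fields[0].endswith(":"):
            member = fields[0][:-1]          # "xdr_mem.o:" starts a new member
            undefined[member] = set()
        elif len(fields) >= 2 and fields[-2] == "U":
            undefined[member].add(fields[-1])
        elif len(fields) >= 2 and fields[-2] in ("T", "D", "B", "R"):
            defined[fields[-1]] = member
    return defined, undefined

def linked_members(text, program_needs):
    """Archive members a static link pulls in to resolve program_needs."""
    defined, undefined = parse_nm(text)
    pulled, pending = set(), list(program_needs)
    while pending:
        member = defined.get(pending.pop())
        if member is not None and member not in pulled:
            pulled.add(member)
            pending.extend(undefined[member])  # its own references must resolve too
    return pulled

if __name__ == "__main__":
    print(sorted(linked_members(SAMPLE_NM, {"getpwuid", "strlen"})))
```

A program that only needs a user-lookup function still ends up carrying `xdr_mem.o`, which is why a patch to that one object changes so many statically linked binaries.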


