Message-Id: <200101100543.f0A5hIs59275@harmony.village.org>
To: Ben Smithurst
Subject: Re: stupid bug in getsid()
Cc: audit@FreeBSD.ORG
In-reply-to: Your message of "Tue, 09 Jan 2001 06:19:16 GMT." <20010109061916.E79365@strontium.scientia.demon.co.uk>
References: <20010109061916.E79365@strontium.scientia.demon.co.uk>
Date: Tue, 09 Jan 2001 22:43:18 -0700
From: Warner Losh
Sender: owner-freebsd-audit@FreeBSD.ORG

In message <20010109061916.E79365@strontium.scientia.demon.co.uk> Ben Smithurst writes:
: Anyone object terribly if I fix this really stupid bug?
:
: --- kern_prot.c~ Tue Jan 9 05:59:10 2001 : +++ kern_prot.c Tue Jan 9 05:59:22 2001 : @@ -162,7 +162,7 @@ : if (uap->pid == 0) : goto found; : : - if ((pt == pfind(uap->pid)) == 0) : + if ((pt = pfind(uap->pid)) == 0) : return ESRCH; : found: : p->p_retval[0] = pt->p_session->s_sid;

My first thought is that I would. pt is specifically set earlier in the function. However, in getpgid() it uses 1 = sign, so I think that's the right thing to do.

What are the impacts of this bug? What does it allow you to do that you shouldn't be able to do, if any?

Warner
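Review bot: The commit message should record what the old test on the changed `if` line did for a non-zero pid, since that is the impact question raised in the thread. With `pt == pfind(uap->pid)`, pt is never loaded from pfind(), so the call returns ESRCH whenever the lookup result differs from the value pt already held, and the `found:` line can only ever read `p_session` through that earlier value. The `=` form is the correct fix. As a style point, pfind() returns a pointer, so the comparison would read more clearly against NULL than against 0.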