Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 18 Apr 2001 11:18:06 +0300
From:      Peter Pentchev <roam@orbitel.bg>
To:        Vladimir Terziev <vlady@rila.bg>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: Problem patching libc
Message-ID:  <20010418111806.C2925@ringworld.oblivion.bg>
In-Reply-To: <200104180647.JAA75409@star.rila.bg>; from vlady@rila.bg on Wed, Apr 18, 2001 at 09:47:34AM %2B0300
References:  <200104180647.JAA75409@star.rila.bg>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 18, 2001 at 09:47:34AM +0300, Vladimir Terziev wrote:
> 
>      Hi hackers,
> 
> 
>      I saw the security-advisory about globbing vulnerability in ftpd and I 
> tryed to patch my FreeBSD 4.0, but I got an error:
> 
>      /usr/src/lib/libc/../libc/gen/glob.c: In function `glob': 
>      /usr/src/lib/libc/../libc/gen/glob.c:171: `GLOB_MAXPATH' undeclared
> 
>      and the next
> 
>      /usr/src/lib/libc/../libc/gen/glob.c: In function `globextend':
>      /usr/src/lib/libc/../libc/gen/glob.c:689: `GLOB_LIMIT' undeclared
> 
> 
>      I think the patch is not correct or I'm wrong?

This was discussed on the -security mailing list.  Yes, the patch was missing
the include/glob.h part; try to also apply the attached patch.

G'luck,
Peter

-- 
If I were you, who would be reading this sentence?

===================================================================
RCS file: /home/ncvs/src/include/glob.h,v
retrieving revision 1.3
retrieving revision 1.3.6.1
diff -u -p -r1.3 -r1.3.6.1
--- src/include/glob.h	1998/02/25 02:15:59	1.3
+++ src/include/glob.h	2001/03/21 14:33:56	1.3.6.1
@@ -34,6 +34,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)glob.h	8.1 (Berkeley) 6/2/93
+ * $FreeBSD: /home/ncvs/src/include/glob.h,v 1.3.6.1 2001/03/21 14:33:56 jlemon Exp $
  */
 
 #ifndef _GLOB_H_
@@ -76,9 +77,11 @@ typedef struct {
 #define	GLOB_NOMAGIC	0x0200	/* GLOB_NOCHECK without magic chars (csh). */
 #define	GLOB_QUOTE	0x0400	/* Quote special chars with \. */
 #define	GLOB_TILDE	0x0800	/* Expand tilde names from the passwd file. */
+#define	GLOB_MAXPATH	0x1000	/* limit number of returned paths */
 
 #define	GLOB_NOSPACE	(-1)	/* Malloc call failed. */
 #define	GLOB_ABEND	(-2)	/* Unignored error. */
+#define	GLOB_LIMIT	(-3)	/* Path limit was hit. */
 
 __BEGIN_DECLS
 int	glob __P((const char *, int, int (*)(const char *, int), glob_t *));

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010418111806.C2925>