Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 5 Feb 1997 15:15:55 -0600 (CST)
From:      Karl Denninger  <karl@mcs.net>
To:        tenser@spitfire.ecsel.psu.edu (Dan Cross)
Cc:        karl@mcs.net, security@freebsd.org
Subject:   Re: PATCH for *ALL* FreeBSD Setlocale() problems - EVERYONE SHOULD READ THIS MESSAGE
Message-ID:  <199702052115.PAA14224@Jupiter.Mcs.Net>
In-Reply-To: <19970205210908.417.qmail@spitfire.ecsel.psu.edu> from "Dan Cross" at Feb 5, 97 04:09:08 pm

next in thread | previous in thread | raw e-mail | index | archive | help
> 
> > I will EXPECT that these will show up in the CVS tree within 48 hours 
> > unless there are VERY good reasons expressed for them not being included. 
> > I WILL be looking for them to appear.
> 
> Well, for -current, they are somewhat unnecessary.  I made a complete
> fool out of myself last night on freebsd-bugs, thus implicitly demons-
> trating this.  :-)
> 
> Remember, folks, not *all* calls to strcpy() are bad; sometimes range
> checking can be accomplished in non-intuitive ways.  I expect that just
> back-porting the code from -current into 2.1 and 2.2 will be enough to
> solve the problem.
> 
> However, if I am incorrect and you have an exploit that runs against
> -current, please let me know, as I would like to see where the error
> lies.  However, I poured over the -current code last night, and while
> I agree that it needs a bath, I'm pretty certain that it's secure.
> 
> Thanks!
> 
> 	- Dan C.
> 
> (...whose actually gotten some sleep now, and isn't so quick to make
> stupid mistakes in his trains of thought...  :-)

No.  Try the exploit against an unpatched system's "at" program.

It dumps core, which means that you're vulnerable (the stack got blasted).

--
-- 
Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity
http://www.mcs.net/~karl     | T1's from $600 monthly to FULL DS-3 Service
			     | 99 Analog numbers, 77 ISDN, Web servers $75/mo
Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net/
Fax:   [+1 773 248-9865]     | 2 FULL DS-3 Internet links; 400Mbps B/W Internal



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702052115.PAA14224>