From owner-freebsd-security  Fri Sep 14  2:44:34 2001
Delivered-To: freebsd-security@freebsd.org
Received: from easyisp.org (sjef.easyisp.org [213.88.184.220])
	by hub.freebsd.org (Postfix) with SMTP id 90C9437B406
	for <security@FreeBSD.ORG>; Fri, 14 Sep 2001 02:44:23 -0700 (PDT)
Received: (qmail 19006 invoked by uid 1002); 14 Sep 2001 09:35:53 -0000
Message-ID: <20010914093553.22895.qmail@easyisp.org>
From: "news" <news@postboks.org>
To: security@FreeBSD.ORG
Subject: Re: netbsd vulnerabilities 
Date: Fri, 14 Sep 2001 09:35:53 GMT
Mime-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

anyone know when there will be anything official out there for this problem 
? 

with regards
rasmus fauske 

 

> "Andrew R. Reiter" <arr@watson.org> wrote:
> > The attached code fixes the semop bug which is specified in the recent
> > NetBSD security announcement.  I'm not positive about hte naming scheme
> > wanted by all in terms of:  size_t vs. unsigned int vs. unsigned.  I made
> > it u_int b/c i saw in sysproto.h that there seemed to be more u_int's
> > instead of size_t's :-)  Great logic.>
> I think semop_args.nsops should be u_int (like you made it) because
> that's how it's listed in syscalls.master.
It should match the (SYSV) spec, whatever that says.  syscalls.master
is rarely correct.> > --- sys/sem.h.orig	Sat Sep  8 03:21:08 2001
> > +++ sys/sem.h	Sat Sep  8 03:21:27 2001> > @@ -101,7 +101,7 @@
> >  int semsys __P((int, ...));> >  int semctl __P((int, int, int, ...));
> >  int semget __P((key_t, int, int));
> > -int semop __P((int, struct sembuf *,unsigned));
> > +int semop __P((int, struct sembuf *, u_int));>
> I don't see the point of this, either, except to break consistency
> with the manual page.  `u_int' is the same as `unsigned'.
This also fixes a style bug (missing space after comma) and takes us
further from removing dependencies on <sys/types.h>.  Anyway, this
has nothing to do with the bug (unless the correct type is not unsignedint).
> The other changes look pretty good.  Attached is the corresponding
> patch to -current.  If nobody sees anything wrong in about a day, I'll
> commit this and MFC it after the RE's approval.OK.Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message