From owner-freebsd-security Mon Aug 5 5:13:53 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD9B437B401 for ; Mon, 5 Aug 2002 05:13:45 -0700 (PDT) Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C6B343E3B for ; Mon, 5 Aug 2002 05:13:45 -0700 (PDT) (envelope-from hawkeyd@visi.com) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bodb.mc.mpls.visi.com (Postfix) with ESMTP id 362005A72; Mon, 5 Aug 2002 07:13:42 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g75CDfn31929; Mon, 5 Aug 2002 07:13:41 -0500 (CDT) (envelope-from hawkeyd) Date: Mon, 5 Aug 2002 07:13:41 -0500 (CDT) Message-Id: <200208051213.g75CDfn31929@sheol.localdomain> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: hawkeyd@visi.com Organization: if (!FIFO) if (!LIFO) break; References: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net> In-Reply-To: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net> From: hawkeyd@visi.com (D J Hawkey Jr) Subject: Re: FW: SA-02:35 X-Original-Newsgroups: sol.lists.freebsd.security To: garska@ik.ku.lt, freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In article <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net>, garska@ik.ku.lt writes: > Does anyone know something about SA-02:35? ---8<--- ftp://ftp.FreeBSD.org:21/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_vfsops.c,v retrieving revision 1.117.2.9 retrieving revision 1.117.2.10 diff -u -p -r1.117.2.9 -r1.117.2.10 --- sys/ufs/ffs/ffs_vfsops.c 2002/04/08 09:39:30 1.117.2.9 +++ sys/ufs/ffs/ffs_vfsops.c 2002/06/23 22:34:52 1.117.2.10 @@ -758,6 +758,9 @@ ffs_mountfs(devvp, mp, p, malloctype) ump->um_savedmaxfilesize = fs->fs_maxfilesize; /* XXX */ maxfilesize = (u_int64_t)0x40000000 * fs->fs_bsize - 1; /* XXX */ + /* Enforce limit caused by vm object backing (32 bits vm_pindex_t). */ + if (maxfilesize > (u_int64_t)0x80000000u * PAGE_SIZE - 1) + maxfilesize = (u_int64_t)0x80000000u * PAGE_SIZE - 1; if (fs->fs_maxfilesize > maxfilesize) /* XXX */ fs->fs_maxfilesize = maxfilesize; /* XXX */ if (ronly == 0) { --->8--- ---8<--- /var/tmp/cvsup.out Script started on Wed Jul 31 15:45:59 2002 Parsing supfile "/usr/sup/standard-supfile" .... Edit src/sys/ufs/ffs/ffs_vfsops.c Add delta 1.117.2.7.2.1 2002.07.31.17.55.12 jedgar .... --->8--- ---8<--- /usr/src/UPDATING .... 20020731: p14 A bounds checking error in FFS filesize limits was corrected. .... --->8--- Whatever it does exactly, it made it into the RELENG_4_5 CVS tree. My guess is that someone didn't get it into the advisories. Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Oleg Derevenetz > Sent: Friday, August 02, 2002 8:16 PM > To: freebsd-security@FreeBSD.ORG > Subject: SA-02:35 > > Hi all, > > I recently visited ftp.freebsd.org, and found directory SA-02:35 in > CERT/patches > without corresponding advisory in CERT/advisories. Does anyone know > something > about this SA ? As I understand, it belongs to ffs subsystem. Is it > recommended ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message