From owner-freebsd-security  Mon Jun  7  8:29:19 1999
Delivered-To: freebsd-security@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP id 8DF2014C02
	for <freebsd-security@FreeBSD.ORG>; Mon,  7 Jun 1999 08:29:16 -0700 (PDT)
	(envelope-from des@flood.ping.uio.no)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.1) id RAA34918;
	Mon, 7 Jun 1999 17:29:11 +0200 (CEST)
	(envelope-from des)
To: Mike Nowlin <mike@argos.org>
Cc: Dag-Erling Smorgrav <des@flood.ping.uio.no>,
	John Baldwin <jobaldwi@vt.edu>, Wes Peters <wes@softweyr.com>,
	freebsd-security@FreeBSD.ORG
Subject: Re: NIS strangeness
References: <Pine.LNX.4.05.9906071122550.4850-100000@jason.argos.org>
From: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Date: 07 Jun 1999 17:29:11 +0200
In-Reply-To: Mike Nowlin's message of "Mon, 7 Jun 1999 11:23:47 -0400 (EDT)"
Message-ID: <xzpso84kp14.fsf@flood.ping.uio.no>
Lines: 16
X-Mailer: Gnus v5.5/Emacs 19.34
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Mike Nowlin <mike@argos.org> writes:
> > The test program you posted doesn't do *any* error-checking... which
> > means that if getpwnam() fails, your program will happily try to
> > dereference a null pointer, hence the SIGSEGV.
> Shoulda put that disclaimer in -- that one was quick-and-dirty --
> normally, my programs aren't that badly done.. :)

Yes. I was trying to point out that the SIGSEGV is not a manifestation
of the bug itself, but a consequence of the lack of error checking.

Anyway, I can't seem to reproduce this bug, and I suppose it would be
too much to ask for a root shell on the affected machine :)

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message