Date: Fri, 6 Apr 2001 05:03:02 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Matt Dillon <dillon@earth.backplane.com> Cc: Brian Somers <brian@Awfulhak.org>, Mark.Andrews@nominum.com, Chris Byrnes <chris@jeah.net>, security@FreeBSD.ORG Subject: Re: ntpd patch Message-ID: <20010406050302.C6984@nagual.pp.ru> In-Reply-To: <200104060056.f360uCN35967@earth.backplane.com>; from dillon@earth.backplane.com on Thu, Apr 05, 2001 at 05:56:12PM -0700 References: <200104060033.f360XfP03505@hak.lan.Awfulhak.org> <200104060056.f360uCN35967@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Apr 05, 2001 at 17:56:12 -0700, Matt Dillon wrote: > > Now, I don't think FreeBSD cares about this at all. However, many Yes, FreeBSD cares and sensitive, since we have signed chars by default. > This is just common sense, really. How generic do we want the code > to be? It certainly doesn't hurt. 1) Negative ctype offsets can produce false hits/miss (if addressed memory present) causing wrong interpretation of data. 2) Negative ctype offsets can produce off memory requests (addressed memory not present) causing core dumps. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010406050302.C6984>