From owner-freebsd-security  Thu Apr  5 18: 3:28 2001
Delivered-To: freebsd-security@freebsd.org
Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42])
	by hub.freebsd.org (Postfix) with ESMTP id BDE9D37B424
	for <security@FreeBSD.ORG>; Thu,  5 Apr 2001 18:03:25 -0700 (PDT)
	(envelope-from ache@nagual.pp.ru)
Received: (from ache@localhost)
	by nagual.pp.ru (8.11.3/8.11.3) id f36133807225;
	Fri, 6 Apr 2001 05:03:04 +0400 (MSD)
	(envelope-from ache)
Date: Fri, 6 Apr 2001 05:03:02 +0400
From: "Andrey A. Chernov" <ache@nagual.pp.ru>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: Brian Somers <brian@Awfulhak.org>, Mark.Andrews@nominum.com,
	Chris Byrnes <chris@jeah.net>, security@FreeBSD.ORG
Subject: Re: ntpd patch
Message-ID: <20010406050302.C6984@nagual.pp.ru>
References: <200104060033.f360XfP03505@hak.lan.Awfulhak.org> <200104060056.f360uCN35967@earth.backplane.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200104060056.f360uCN35967@earth.backplane.com>; from dillon@earth.backplane.com on Thu, Apr 05, 2001 at 05:56:12PM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, Apr 05, 2001 at 17:56:12 -0700, Matt Dillon wrote:
> 
>     Now, I don't think FreeBSD cares about this at all.  However, many

Yes, FreeBSD cares and sensitive, since we have signed chars by default.

>     This is just common sense, really.  How generic do we want the code
>     to be?  It certainly doesn't hurt.


1) Negative ctype offsets can produce false hits/miss (if addressed memory
present) causing wrong interpretation of data.
2) Negative ctype offsets can produce off memory requests (addressed
memory not present) causing core dumps.

-- 
Andrey A. Chernov
http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message