From owner-freebsd-security Sat Sep 8 3:49:33 2001 Delivered-To: freebsd-security@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id 8737837B407 for ; Sat, 8 Sep 2001 03:49:30 -0700 (PDT) Received: by elvis.mu.org (Postfix, from userid 1192) id 82EB881D05; Sat, 8 Sep 2001 05:49:30 -0500 (CDT) Date: Sat, 8 Sep 2001 05:49:30 -0500 From: Alfred Perlstein To: "Andrew R. Reiter" Cc: Kris Kennaway , security@freebsd.org Subject: Re: netbsd vulnerabilities Message-ID: <20010908054930.F2965@elvis.mu.org> References: <20010907134427.A55600@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from arr@watson.org on Sat, Sep 08, 2001 at 06:43:49AM -0400 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Andrew R. Reiter [010908 05:44] wrote: > Hey, > > The attached code fixes the semop bug which is specified in the recent > NetBSD security announcement. I'm not positive about hte naming scheme > wanted by all in terms of: size_t vs. unsigned int vs. unsigned. I made > it u_int b/c i saw in sysproto.h that there seemed to be more u_int's > instead of size_t's :-) Great logic. Uh, why don't you just compare the int arg against 0, if it's less than then just return EINVAL. -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message