Date: Sat, 8 Sep 2001 07:24:16 -0400 (EDT) From: "Andrew R. Reiter" <arr@watson.org> To: Alfred Perlstein <bright@mu.org> Cc: Kris Kennaway <kris@obsecurity.org>, security@freebsd.org Subject: Re: netbsd vulnerabilities Message-ID: <Pine.NEB.3.96L.1010908071851.9321A-100000@fledge.watson.org> In-Reply-To: <20010908054930.F2965@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In defense of that, that'd work obviously, I was just going for the route that best reflected the man page (and should therefore reflect how it is used by a user). the man page states taht nsops is unsigned... the sem.h prototype states that, yet in semop_args and in the function, we essentially make it signed. checking for < 0 is a solution, but i guess I was thinking for more along the lines of getting that code a bit more cleaned up. I just think it's minorly confusing that what a man page states, really isn't... Either way will clear it up tho :-) Andrew On Sat, 8 Sep 2001, Alfred Perlstein wrote: :* Andrew R. Reiter <arr@watson.org> [010908 05:44] wrote: :> Hey, :> :> The attached code fixes the semop bug which is specified in the recent :> NetBSD security announcement. I'm not positive about hte naming scheme :> wanted by all in terms of: size_t vs. unsigned int vs. unsigned. I made :> it u_int b/c i saw in sysproto.h that there seemed to be more u_int's :> instead of size_t's :-) Great logic. : :Uh, why don't you just compare the int arg against 0, if it's less than :then just return EINVAL. : :-Alfred : *-------------................................................. | Andrew R. Reiter | arr@fledge.watson.org | "It requires a very unusual mind | to undertake the analysis of the obvious" -- A.N. Whitehead To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010908071851.9321A-100000>