Date: Mon, 10 Feb 1997 02:24:35 -0700 (MST)
From: Marc Slemko <marcs@znep.com>
To: tqbf@enteract.com
Cc: freebsd-security@freebsd.org
Subject: Re: Don't fulminate, be productive
Message-ID: <Pine.BSF.3.95.970210021858.11077f-100000@alive.ampr.ab.ca>
In-Reply-To: <19970210075217.22118.qmail@char-star.rdist.org>

On 10 Feb 1997 tqbf@enteract.com wrote:

> In article <Pine.BSF.3.95.970208171054.3343F-100000@alive.ampr.ab.ca>, you wrote:
> >Essentially what I did is go through the entire source line by line,
> >looking for anything that stood out as being suspicious. Those things
> >include:
>
> If you used "grep()" or pattern-searching in your editor to do this, you
> just missed the lpr card() hole.
>
>     while(*c) *p++ = *c++;

Of course. That is why I said line-by-line and why I don't find scripts overly useful. What I _do_ do is, after I go through the source, do a quick grep on certain keywords to help find some of the things I may have missed. That one is an easy one to spot when scanning through the source manually, since it just screams out "playing with string pointers".

When I was looking through some of the FreeBSD sources a while back, I first looked through the source line by line, then did a grep to see if I could notice anything I missed in my first run, then did a diff with the OpenBSD source to see if I missed anything that was fixed there.

90% of security holes are easy to find in stuff like FreeBSD right now. When the obvious ones get fixed, it will be more like 90% being hard to find.
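
Added example, not part of the original message and not the lpr source: the copy loop quoted above set beside a bounded form, to show why a keyword search finds nothing to match and what a reviewer would expect in its place. The function names `copy_unbounded` and `copy_bounded` and the buffer sizes are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* The pattern quoted in the message: copies until the source's NUL with no
 * knowledge of the destination size. No library call name appears, so a
 * keyword search for strcpy/sprintf/gets does not match it. Shown for
 * contrast only; correct only if the caller guarantees dst is large enough. */
static char *copy_unbounded(char *p, const char *c)
{
    while (*c)
        *p++ = *c++;
    return p;                   /* one past the last byte written */
}

/* Bounded form (hypothetical helper): stops at the end of the destination,
 * always NUL-terminates when dstsize > 0, and reports truncation.
 * Returns 0 on a complete copy, -1 if the source did not fit. */
static int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    char *p = dst;
    char *end;

    if (dstsize == 0)
        return -1;
    end = dst + dstsize - 1;    /* reserve one byte for the terminator */
    while (*src && p < end)
        *p++ = *src++;
    *p = '\0';
    return *src ? -1 : 0;       /* leftover source bytes mean truncation */
}

int main(void)
{
    char field[8];              /* constructed sample: small fixed buffer */
    char big[64];
    char *e = copy_unbounded(big, "short");   /* fits, so this call is fine */

    *e = '\0';                  /* the quoted loop does not terminate dst */
    /* Over-long input is truncated and flagged instead of overrunning. */
    return copy_bounded(field, sizeof field, "much-too-long-input") == -1 ? 0 : 1;
}
```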