From: Oliver Pinter
To: Ed Maste
Date: Mon, 24 Nov 2014 18:13:07 +0100
Subject: Re: fix base64.c "overrun"
Cc: Ted Unangst, "freebsd-hackers@freebsd.org"

On Mon, Nov 24, 2014 at 5:50 PM, Ed Maste wrote:
> On 22 November 2014 at 17:09, Ted Unangst wrote:
>> From inspection, it appears FreeBSD's libc base64.c will sometimes
>> erroneously fail to decode a base64 string into a precisely sized
>> buffer. The overflow check is a little too greedy. The same bug was
>> fixed in OpenBSD; it would be helpful if FreeBSD adopted the fix as
>> well. :)
>>
>> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/net/base64.c.diff?r1=1.6&r2=1.7
>
> Thanks for the heads-up Ted, I'll take care of getting the fix in.

Hi Ed!

Check this:
https://github.com/HardenedBSD/hardenedBSD/issues/68
https://github.com/HardenedBSD/hardenedBSD/commit/d6e5388b831b190a0ff39898d354ab68b9b6a965
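
The failure mode described in the quoted report, as an added example that is not part of the original thread and is not the FreeBSD or OpenBSD libc code. It assumes a minimal decoder with the hypothetical name `b64_decode` and a hypothetical `greedy` switch: the greedy bounds check demands room for the byte after the one being completed even when no bits carry over, so a buffer of exactly the decoded size is rejected.

```c
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/*
 * Decode src into out[outsize]; returns bytes written, or -1 on error.
 * greedy=1: always require room for the byte after the one being finished.
 * greedy=0: require it only when bits really carry over into that byte.
 * Padding validation is left out to keep the bounds logic in view.
 */
int b64_decode(const char *src, unsigned char *out, size_t outsize, int greedy)
{
    size_t n = 0;
    int state = 0;
    unsigned char next = 0;      /* bits collected so far for out[n] */

    for (; *src != '\0' && *src != '='; src++) {
        const char *p = strchr(B64, *src);
        unsigned v, done, carry;

        if (p == NULL)
            return -1;
        v = (unsigned)(p - B64);
        switch (state) {
        case 0: next = (unsigned char)(v << 2); state = 1; continue;
        case 1: done = v >> 4; carry = (v & 0x0f) << 4; break;
        case 2: done = v >> 2; carry = (v & 0x03) << 6; break;
        default: done = v; carry = 0; break;
        }
        if (n >= outsize)
            return -1;           /* no room for the byte being finished */
        if (state != 3 && n + 1 >= outsize && (greedy || carry != 0))
            return -1;           /* greedy: fires even when carry == 0 */
        out[n++] = (unsigned char)(next | done);
        next = (unsigned char)carry;
        state = (state + 1) % 4;
    }
    return (int)n;
}

int main(void)
{
    unsigned char buf[2];        /* constructed input: "QUI=" decodes to "AB" */
    printf("greedy: %d\n", b64_decode("QUI=", buf, sizeof(buf), 1));
    printf("strict: %d\n", b64_decode("QUI=", buf, sizeof(buf), 0));
    return 0;
}
```

The strict variant still rejects a buffer that is genuinely too small, because in that case the carried bits are non-zero.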