Message-ID: <4E8515E1.6050902@protected-networks.net>
Date: Thu, 29 Sep 2011 21:05:37 -0400
From: Michael Butler
To: Jeremy Chadwick
Cc: freebsd-stable@freebsd.org
Subject: Re: linux-f10-flashplugin

On 09/29/11 18:30, Jeremy Chadwick wrote:
> On Thu, Sep 29, 2011 at 11:56:48PM +0200, Norbert Augenstein wrote:

[ .. snip .. ]

>> it seems that
>> http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc
>> is the culprit.
>
> Just for clarification:
>
> Said fix might explain the "ERROR: failed to initialize plugin-side RPC
> client connection" problem, but would not explain the getpwuid_r()
> problem.

I reverted this piece of r225827 below against 10-CURRENT (at r225881) and flash works once again.

Index: uipc_usrreq.c =================================================================== --- uipc_usrreq.c (revision 225826) +++ uipc_usrreq.c (revision 225827) @@ -462,6 +462,8 @@ unp = sotounpcb(so); KASSERT(unp != NULL, ("uipc_bind: unp == NULL")); + if (soun->sun_len > sizeof(struct sockaddr_un)) + return (EINVAL); namelen = soun->sun_len - offsetof(struct sockaddr_un, sun_path); if (namelen <= 0) return (EINVAL);
@@ -1252,6 +1254,8 @@ unp = sotounpcb(so); KASSERT(unp != NULL, ("unp_connect: unp == NULL")); + if (nam->sa_len > sizeof(struct sockaddr_un)) + return (EINVAL); len = nam->sa_len - offsetof(struct sockaddr_un, sun_path); if (len <= 0) return (EINVAL);
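Review bot: in the uipc_bind hunk (@@ -462,6 +462,8 @@), the added upper bound on soun->sun_len carries no comment saying what it protects, and its EINVAL is indistinguishable from the one returned by the existing `namelen <= 0` test two lines later. With the check reverted, as this message proposes, namelen is bounded only from below by the visible code. If a caller can legitimately arrive here with sun_len larger than sizeof(struct sockaddr_un), normalizing the length before it reaches uipc_bind is preferable to dropping the bound. Either way, a one-line comment stating the accepted range of sun_len would make the intent clear.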
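Review bot: in the unp_connect hunk (@@ -1252,6 +1254,8 @@), the length validation is a second copy of the one added to uipc_bind, written against nam->sa_len instead of soun->sun_len and feeding a variable named len rather than namelen. Two hand-maintained copies of the same bounds logic can drift apart. Consider a small shared helper that takes the sockaddr and returns either the path length or EINVAL, so both the upper bound and the `<= 0` test live in one place and bind and connect cannot disagree on which lengths they accept.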