From: "Jacques A. Vidrine"
To: Roberto
Cc: Steve Kiernan, Colin Percival, freebsd-security@freebsd.org
Date: Fri, 1 Apr 2005 08:18:33 -0600
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:01.telnet
Message-ID: <20050401141833.GF4455@lum.celabo.org>

On Fri, Apr 01, 2005 at 09:29:48AM +0200, Roberto wrote:
> Actually I've not read the code,

Then why are you posting your opinion about it? (^_^)  I guess I'm
responding to your post only to prevent others from worrying about
a non-existent ``problem''.

> but from these emails it seems to me that
> someone could be confused by this code (at least Steve and I); for example
> refer to the address "&slc_reply[128];" when slc_reply[127] is the last
> element.

There is no reference to ``&slc_reply[128]''.  There *is* a pointer
initialized to the equivalent expression ``&slc_reply[sizeof(slc_reply)]'',
which is the usual way to designate the end of a sequence.  For example,

    char buf[...];
    const char *eom = &buf[sizeof(buf)];

    while (p < eom)
            /* `*p' is valid */;
    size_t n = eom - p;   /* There are `n' bytes left */

If we used a pointer to the last element (instead of one beyond the
last element), we'd need to adjust many expressions by 1, which is
error-prone and ugly.

> I do not want to be offensive in any way, what I want to say is that this
> code is clear to you (and the person who wrote it) but the next programmer
> that will reuse the code (because this is an open source) could make a
> mistake.
>
> I think many bugs can derive from code not easy to understand.
>
> This is only my opinion.

I find the tests fairly idiomatic and I find it easy to see their
correctness.  I doubt I'm alone.  The suggested fix was reviewed by a
number of coders from several open source operating system projects
and caused no confusion.  The form was chosen to clearly show how many
bytes were expected to be written at that point.  IMHO, using
alternative forms invites off-by-one errors.

    if (&slc_replyp[6+2] > slc_reply_eom)
            return;
    /* past this point, we can write 6+2 bytes, slc_replyp[0]
     * through slc_replyp[7]. */

Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org
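
An added example, not part of the original message or of the telnet source: a small reply builder that uses the one-past-the-end pointer and the "reserve 6+2 bytes before writing" test discussed above. The struct and function names, the 16-byte buffer, and the reading of 6+2 as three bytes that may each be doubled plus a two-byte terminator are assumptions of this example; the test is written with the message's `eom - p' remaining-bytes form, so no pointer further than one past the end is ever formed.

```c
#include <stddef.h>
#include <stdio.h>
#define IAC 255 /* telnet escape byte; doubled when it occurs as data */
#define SE  240 /* end-of-suboption marker */
struct reply {
    unsigned char buf[16];     /* constructed size, small enough to fill up */
    unsigned char *p;          /* next byte to write */
    const unsigned char *eom;  /* one past the last element, never dereferenced */
};

static void reply_init(struct reply *r) {
    r->p = r->buf;
    r->eom = &r->buf[sizeof(r->buf)];
}

/* Bytes still free: the `eom - p' quantity from the message. */
static size_t reply_left(const struct reply *r) {
    return (size_t)(r->eom - r->p);
}

/* Append a 3-byte entry, doubling each IAC: at most 6 bytes are written and
 * 2 more are held back for the terminator. Returns 1 if written, 0 if not. */
static int reply_add(struct reply *r, unsigned char a, unsigned char b, unsigned char c) {
    const unsigned char in[3] = { a, b, c };
    if (reply_left(r) < 6 + 2)
        return 0;
    for (size_t i = 0; i < 3; i++)
        if ((*r->p++ = in[i]) == IAC)
            *r->p++ = IAC;
    return 1;
}

/* Append IAC SE and return the total length, or 0 if it does not fit. */
static size_t reply_end(struct reply *r) {
    if (reply_left(r) < 2)
        return 0;
    *r->p++ = IAC;
    *r->p++ = SE;
    return (size_t)(r->p - r->buf);
}

int main(void) {
    struct reply r;
    reply_init(&r);
    int a = reply_add(&r, 1, 2, 3);        /* 3 bytes written, 13 left */
    int b = reply_add(&r, IAC, IAC, IAC);  /* 6 bytes written, 7 left */
    int c = reply_add(&r, 4, 5, 6);        /* refused: 7 < 6+2 */
    printf("%d %d %d len=%zu\n", a, b, c, reply_end(&r));
}
```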