From owner-freebsd-security@FreeBSD.ORG Tue Mar 25 22:11:53 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11C6E37B401 for ; Tue, 25 Mar 2003 22:11:53 -0800 (PST) Received: from pilchuck.reedmedia.net (pilchuck.reedmedia.net [209.166.74.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3551B43F93 for ; Tue, 25 Mar 2003 22:11:52 -0800 (PST) (envelope-from reed@reedmedia.net) Received: from reed by pilchuck.reedmedia.net with local-esmtp (Exim 3.12 #1 (Debian)) id 18y48Z-0006SE-00; Tue, 25 Mar 2003 22:11:47 -0800 Date: Tue, 25 Mar 2003 22:11:46 -0800 (PST) From: "Jeremy C. Reed" To: freebsd-security@FREEBSD.ORG Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Status: No, hits=-5.8 required=5.0 tests=USER_AGENT_PINE autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) X-Mailman-Approved-At: Tue, 25 Mar 2003 22:15:19 -0800 Subject: what actually uses xdr_mem.c? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2003 06:12:00 -0000 X-List-Received-Date: Wed, 26 Mar 2003 06:12:00 -0000 In regards to FreeBSD-SA-03:05.xdr, does anyone know which static binaries or tools under /bin or /sbin actually use that problem code? The recent XDR fixes the xdrmem_getlong_aligned(), xdrmem_putlong_aligned(), xdrmem_getlong_unaligned(), xdrmem_putlong_unaligned(), xdrmem_getbytes(), and/or xdrmem_putbytes() functions, but it is difficult to know what uses these (going backwards manually). For example, a simple MD5 (of binaries before and after) shows many changes that are probably irrelevant. It is hard to tell if any static tools even use those changes; maybe mount_nfs and umount. And maybe /usr/lib/librpcsvc*. Is the XDR only used for RPC related tools? (Or is it is used as a generic portable binary data format used with all libc?) With some other libc security issues (such as with resolver), you can easily know which tools use that code. The various XDR-related advisories are vague and don't really mention what can be effected by this issue. (For last summer's xdr issue, it was suggested (for Solaris) that the Desktop Management Interface service daemon and Calendar Manager service daemon be disabled.) Jeremy C. Reed http://bsd.reedmedia.net/ p.s. I provide binary updates for customers; and for most issues I don't want to provide binaries that are not effected.