From owner-freebsd-bugs@FreeBSD.ORG Sat Mar 26 20:10:05 2005 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77D9A16A4CE for ; Sat, 26 Mar 2005 20:10:05 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B11C43D58 for ; Sat, 26 Mar 2005 20:10:05 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j2QKA5hs024283 for ; Sat, 26 Mar 2005 20:10:05 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j2QKA5cD024282; Sat, 26 Mar 2005 20:10:05 GMT (envelope-from gnats) Date: Sat, 26 Mar 2005 20:10:05 GMT Message-Id: <200503262010.j2QKA5cD024282@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: "Simon L. Nielsen" Subject: Re: bin/79260: syslogd may accept illegal facility number from remote. X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Simon L. Nielsen" List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Mar 2005 20:10:05 -0000 The following reply was made to PR bin/79260; it has been noted by GNATS. From: "Simon L. Nielsen" To: Shuichi KITAGUCHI Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: bin/79260: syslogd may accept illegal facility number from remote. Date: Sat, 26 Mar 2005 21:01:29 +0100 --KsGdsel6WgEHnImy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.03.26 18:00:52 +0000, Shuichi KITAGUCHI wrote: > syslogd can accept priority number which larger than LOG_NFACILITIES > from remote host. but in struct filed, member variable f_pmask array > and f_pcmp array is limited to LOG_NFACILITIES. therefore syslogd > access invalid address in logmsg() when facility is larger than > LOG_NFACILITIES. Have you looked at what the implications of this is, mainly can you crash syslogd due to this bug? --=20 Simon L. Nielsen --KsGdsel6WgEHnImy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCRb+Sh9pcDSc1mlERAtNgAJoCGDwMqqgXv5pwQ2aGeNe/NvpF+QCfftXV huaaCZgoIr8d0OLNaqIWjGA= =HujK -----END PGP SIGNATURE----- --KsGdsel6WgEHnImy--