Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 27 Mar 2003 07:29:42 +0000
From:      Colin Percival <colin.percival@wadham.ox.ac.uk>
To:        "Jeremy C. Reed" <reed@reedmedia.net>, "Jacques A. Vidrine" <nectar@freebsd.org>
Cc:        freebsd-security@freebsd.org
Subject:   Re: what actually uses xdr_mem.c?
Message-ID:  <5.0.2.1.1.20030327055355.029c1478@popserver.sfu.ca>
In-Reply-To: <5.0.2.1.1.20030327021835.01e005c8@popserver.sfu.ca>
References:  <Pine.LNX.4.43.0303260803200.21019-100000@pilchuck.reedmedi a.net> <20030326140204.GC33671@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 02:25 27/03/2003 +0000, I wrote:
>   To clarify: I'm not sure if my code worked properly here.  It certainly 
> hasn't missed any files, but it might have introduced false positives -- 
> I was surprised by the number of files it identified as having 
> changed.  I'm currently looking at this in more detail to determine if in 
> fact these are false positives.

   And the answer is, they're not false positives.  libc/xdr/xdr_mem is 
used by libc/rpc/clnt_tcp, which is used by libc/yp/yplib, and that is 
included in:

/bin/csh
/bin/date
/bin/ls
/bin/mv
/bin/pax
/bin/ps
/bin/rcp
/bin/rm
/bin/sh
/bin/tcsh
/bin/unlink
/sbin/atm
/sbin/dhclient
/sbin/dump
/sbin/fastboot
/sbin/fasthalt
/sbin/fsck
/sbin/fsdb
/sbin/halt
/sbin/ifconfig
/sbin/init
/sbin/ip6fw
/sbin/ipf
/sbin/ipfstat
/sbin/ipfw
/sbin/ipmon
/sbin/ipnat
/sbin/mknod
/sbin/mount
/sbin/mount_msdos
/sbin/mount_nfs
/sbin/mount_ntfs
/sbin/mount_nwfs
/sbin/mount_portal
/sbin/mountd
/sbin/natd
/sbin/nfsd
/sbin/nos-tun
/sbin/ping
/sbin/ping6
/sbin/quotacheck
/sbin/rdump
/sbin/reboot
/sbin/restore
/sbin/route
/sbin/routed
/sbin/rrestore
/sbin/rtquery
/sbin/shutdown
/sbin/umount
/sbin/vinum
/usr/bin/tar
/usr/lib/libc.a
/usr/lib/libc.so.4
/usr/lib/libc_p.a
/usr/lib/libc_pic.a
/usr/lib/libc_r.a
/usr/lib/libc_r.so.4
/usr/lib/libc_r_p.a
/usr/libexec/elf/gdb

   Of course, in most (all?) of these cases it would be impossible to 
exploit the xdr bug, but all those files contain the modified code.

Colin Percival

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20030327055355.029c1478>