|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Niels Provos (provos_at_citi.umich.edu)
Date: Sun Aug 11 2002 - 17:31:45 CDT
On Sun, Aug 11, 2002 at 02:47:23PM -0700, Kris Kennaway wrote:
> In case anyone is wondering, it looks like FreeBSD fixed this security
> hole 6 years ago, in the following commit:
>
> ---
> Revision 1.19 / (download) - annotate - [select for diffs], Tue Aug 20 07:17:48 1996 UTC (5 years, 11 months ago) by smpatel
> Branch: MAIN
> Changes since 1.18: +43 -15 lines
> Diff to previous 1.18 (colored)
>
> Remove the kernel FD_SETSIZE limit for select().
> Make select()'s first argument 'int' not 'u_int'.
>
> Reviewed by: bde
> ---
Read that commit message carefully. That problem was introduced into
FreeBSD six years ago. It was fixed last year.
revision 1.74
date: 2001/02/27 00:50:20; author: jlemon; state: Exp; lines: +3 -2
Cast nfds to u_int before range checking it in order to catch negative
values.
PR: 25393
NetBSD fixed it somewhat later.
I did not contact anyone at FreeBSD or NetBSD because it was not a
problem there in case you were wondering.
Niels.
To Unsubscribe: send mail to majordomo
FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]