|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Prov. patch for the file hole ISS disclosed
From: Guy Poizat (guy
device.dyndns.org)
Date: Thu Mar 06 2003 - 08:15:47 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Here is my suggestion. Feel free to comment/correct me,
as this is my first ever C line out of a windows system :]
I tested it against RELENG_4.
--- src/contrib/file/readelf.c Sun Nov 26 22:37:21 2000
+++ src/contrib/file/readelf.c.patched Thu Mar 6 15:02:44 2003
-141,6 +141,9
Elf32_Shdr sh32;
Elf64_Shdr sh64;
+ if ( size > ( class == ELFCLASS32 ? sizeof(Elf32_Shdr) : sizeof(Elf64_Shdr) ) )
+ return;
+
if (lseek(fd, off, SEEK_SET) == -1)
error("lseek failed (%s).\n", strerror(errno));
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]