Bugtraq mailing list archives
Re: profil(2) bug, a simple test program
From: eivind () FREEBSD ORG (Eivind Eklund)
Date: Wed, 11 Aug 1999 15:37:06 +0200
On Tue, Aug 10, 1999 at 12:28:20PM -0700, Ross Harvey wrote:
I would have preinformed Sun had I not been under the impression that they had fixed it, although it shouldn't matter much given the high degree of difficulty in constructing an exploit. I wasn't as worried about the other BSD's, because the simple NetBSD patch that was included should work OK at any BSD site. OpenBSD has applied the NetBSD patch to their current sources, but note that all releases of all BSD kernels prior to NetBSD 1.4.1 (which is in process and expected later this week) appear to have this bug.
The code in FreeBSD is somewhat different (it is actually amazingly close, given that the code was written twice, by two different parties); patch (not tested) below. Index: kern_exec.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_exec.c,v retrieving revision 1.99 diff -u -r1.99 kern_exec.c --- kern_exec.c 1999/04/27 11:15:55 1.99 +++ kern_exec.c 1999/08/11 13:29:28 @@ -229,6 +229,9 @@ p->p_fd = tmp; } + /* stop profiling */ + stopprofclock(p); + /* close files on exec */ fdcloseexec(p); Eivind.
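Review bot: the comment on the added call, `/* stop profiling */`, only restates `stopprofclock(p);` and does not say why exec has to do it. Suggest wording it around the reason, for example that profiling set up with profil(2) before the exec must not remain active in the new image, so a later reader of kern_exec.c does not drop the call as redundant. The call is also unconditional and sits between the `p->p_fd = tmp;` block and `fdcloseexec(p);`, so it runs on every exec. Since the message marks the patch as not tested, it should be built and run against the test program from this thread before it is committed.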