Bugtraq mailing list archives
Re: FreeBSD (and other BSDs?) local root explot
From: root () IHACK NET (Charles M. Hannum)
Date: Fri, 3 Sep 1999 12:06:15 -0400
As of yesterday, the OpenBSD version of fts.c was still susceptible to at least two bugs that can cause a core dump when FTS_NOCHDIR is used (e.g. by pax(1)). Beware if you do backups with pax(1)! These problems, and others, are fixed in the current NetBSD version. revision 1.20 date: 1999/08/27 18:01:35; author: mycroft; state: Exp; lines: +16 -10 Fix multiple problems in the FTS_NOCHDIR case: * There was an off-by-one error that caused the addition of a NUL or slash in fts_build() to overwrite other memory. * After fts_palloc(), we need to reset `cp' so that it points to the new path name buffer; otherwise the addition of the file name before calling fts_stat() could lose.
Current thread:
- Re: FreeBSD (and other BSDs?) local root explot Ollivier Robert (Aug 30)
- <Possible follow-ups>
- Re: FreeBSD (and other BSDs?) local root explot Stas Kisel (Sep 01)
- Re: FreeBSD (and other BSDs?) local root explot Charles M. Hannum (Sep 03)