Bugtraq mailing list archives
Re: Fwd: Any user can panic OpenBSD machine
From: jrvalverde () cnb uam es (J.R. Valverde)
Date: Tue, 28 Jul 1998 11:47:23 +0200
Even though the values are declared u_int, they seem to be used in the code as signed numbers (maybe that's a problem), so return EINVAL for a number, cast to signed, that is negative seems appropriate.
Under no circumstances at all. If the error is raised by the compiler and the code rejected unless a correction is made, then it may be OK, but at run time the "-1" does NOT exist at all, it is only a pattern of zeroes and ones, which might as well be a valid unsigned value. Rejecting such patterns on the premise that the programmer might have made a mistake and used a negative number in the code fails to consider the case where the programmer actually intended to use such a big unsigned value.

If the var is an u_int then every bit pattern that can be interpreted as an unsigned integer should be accepted. Otherwise it should be declared a different type or an acceptable range of values stated clearly somewhere and tested through appropriate variable/constants/macros. What if next computer generation allows for bigger iov_len values and there is room for valid values bigger than 2**31 + 1? What if the machine uses a different convention for representing sign? What if...?

The problem is not that the bit pattern *might* have been interpreted as a negative number by a hypothetical human, but that the acceptable limits are not well defined/tested. The code should not test the hypothetical intention of a hypothetical sloppy programmer disregarding possibly legit values. It should define legal values and test them, nothing more, nothing less.

jr
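The contrast argued in the message above, as an added example (not code from the thread or from OpenBSD). `struct ex_iovec` and the two `EX_IOV_*` limits are assumptions made for the illustration; it compares a cast-to-signed test with a check against explicitly defined limits, including the running total of the lengths.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>

/* Hypothetical stand-in for an iovec whose length field is unsigned. */
struct ex_iovec { void *iov_base; unsigned int iov_len; };

/* Assumed limits for this example; a real interface must document its own. */
#define EX_IOV_COUNT_MAX 1024u
#define EX_IOV_TOTAL_MAX ((unsigned int)INT_MAX)

/* The check the post objects to: reinterpret the bits and guess at intent. */
int check_by_sign_cast(const struct ex_iovec *iov, unsigned int cnt)
{
    for (unsigned int i = 0; i < cnt; i++)
        if ((int)iov[i].iov_len < 0)
            return EINVAL;
    return 0;
}

/* Range check against the stated limits, entirely in unsigned arithmetic. */
int check_by_limit(const struct ex_iovec *iov, unsigned int cnt)
{
    unsigned int total = 0;

    if (cnt > EX_IOV_COUNT_MAX)
        return EINVAL;
    for (unsigned int i = 0; i < cnt; i++) {
        /* Compare before adding so that 'total' can never wrap around. */
        if (iov[i].iov_len > EX_IOV_TOTAL_MAX - total)
            return EINVAL;
        total += iov[i].iov_len;
    }
    return 0;
}

/* Constructed sample requests (not taken from the thread). */
static const struct ex_iovec two_halves[] = { {0, 0x40000000u}, {0, 0x40000000u} };
static const struct ex_iovec small_req[]  = { {0, 4096u}, {0, 512u} };

int main(void)
{
    /* Each length is "positive" as an int, yet the sum exceeds the limit. */
    printf("two_halves: cast=%d limit=%d\n",
           check_by_sign_cast(two_halves, 2), check_by_limit(two_halves, 2));
    printf("small_req:  cast=%d limit=%d\n",
           check_by_sign_cast(small_req, 2), check_by_limit(small_req, 2));
    return 0;
}
```

The `two_halves` request passes the sign-cast test but is rejected by the limit check, because only the latter tests the value against a defined bound.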