Re: [ ** Snes9x buffer overflow vulnerability ** ]

[Heikki Korpela <heko () iki fi>]

Mike Hoskins wrote on "Re: [ ** Snes9x buffer overflow vulnerability ** ]": 
> > Tested platforms: FreeBSD, NetBSD, OpenBSD and Linux.

> mike@mojo{mike}$ uname -a
> FreeBSD mojo.televoke.net 4.4-STABLE FreeBSD 4.4-STABLE #5: Tue Sep 18 16:11:35
> PDT 2001     mike () mojo televoke net:/usr/obj/usr/src/sys/MOJO  i386
> mike@mojo{mike}$ ls -al /usr/X11R6/bin/snes9x
> -r-xr-xr-x   1 root     wheel     1718336 Jun 25 11:08 /usr/X11R6/bin/snes9x*
> mike@mojo{mike}$ pkg_info|grep snes
> snes9x-1.37c        Super Nintendo Entertainment System(SNES) Emulator
> This was installed from ports and did not have SUID set by default.

% uname -a
OpenBSD ip212-226-147-201.adsl.kpnqwest.fi 3.0 GENERIC#0 i386
% pkg_info -L snes9x | grep '/' | xargs ls -l
-r-xr-xr-x  1 root  bin  1295464 Oct 14 18:31 /builds/localbase/bin/snes9x
-r--r--r--  1 root  bin    97197 Oct 14 18:31 /builds/localbase/share/doc/snes9x/CHANGES.TXT
-r--r--r--  1 root  bin    22421 Oct 14 18:31 /builds/localbase/share/doc/snes9x/HARDWARE.TXT
-r--r--r--  1 root  bin    36065 Oct 14 18:31 /builds/localbase/share/doc/snes9x/README.TXT
% snes9x /dev/null
[snip]
Can't open "/dev/mem", full screen mode not available: Permission denied