Bugtraq mailing list archives

Re: Fwd: Any user can panic OpenBSD machine

From: Todd.Miller () COURTESAN COM (Todd C. Miller)
Date: Tue, 28 Jul 1998 17:02:24 -0600


In message <199807281751.KAA09455 () lestat nas nasa gov>
        so spake Jason Thorpe (thorpej):

I'd also like to point out that the OpenBSD "fix" for the problem is
incorrect.

It is now possible for the OpenBSD read and write system calls to return
garbage "bytes actually transfered" values.


Not as of this afternoon ;-)  Personally, I think it's pretty stupid
that the return values for read/write are not large enough to encode
their size param.  Actually, XPG does not prohibit the use of nbytes

SSIZE_MAX, but that will hose people who check for a failed system

call by chaning against "< 0" instead of "== -1".  What the "right"
thing to do here is largely a matter of opinion as I've seen no
standards doc that really specifies this (feel free to correct me).

 - todd

Current thread:

Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux, (continued)
- - - Re: FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux Pavel Kankovsky (Jul 30)
    - Re: netscape mail overflow(another one) Paul Boehm (Jul 29)
    - who Paul Boehm (Jul 28)
    - Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Dag-Erling Coidan Smørgrav (Jul 27)
  - Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Peter Jeremy (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Joshua Cope (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Jason Thorpe (Jul 28)
  - Re: Fwd: Any user can panic OpenBSD machine Todd C. Miller (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine der Mouse (Jul 29)