Bugtraq mailing list archives
Re: quickie fix to xdm port problem
From: iang () CS BERKELEY EDU (Ian Goldberg)
Date: Fri, 22 May 1998 00:34:09 GMT
In article <199805191416.IAA10325 () cybers0d20 cg wave shaw ca>, id est <mrn () SHAW WAVE CA> wrote:
When "xdm" starts up, it creates a random high-numbered port that is apparently vulnerable to buffer overruns. The following is an extremely stone-knives-and-bearskins hack to deal with this problem, useful for those of us who just run X on a single machine and don't use "chooser". Get the source for "xdm" and comment out the line chooserFd = socket (AF_INET, SOCK_STREAM, 0); in the file "socket.c". Build and install. That's it. This closes that particular hole, abeit crudely. xdm starts up, seems to run normally, and does not create that random high- numbered port.
This is _still_ there?! I sent them a patch for this like _years_ ago! I still have their response (but I don't seem to still have the message I sent which contains the patch):
Subject: Re: xdm does not close chooserFd on fork In-Reply-To: Message from iagoldbe () calum csclub uwaterloo ca of 31 Jul 95 9:41:36 EDT <199507311341.JAA10454 () calum csclub uwaterloo ca> X-Bugs-Incarnation: gildea () x org Date: Wed, 20 Sep 1995 15:42:09 EDT From: X Bug Reports <bugs () x org> Thank you for sending a bug report to xbugs () x org. Nice analysis. Your report has been tagged and entered into the X bug database. xbugs () x org
Ugh. - Ian
Current thread:
- quickie fix to xdm port problem id est (May 19)
- <Possible follow-ups>
- Re: quickie fix to xdm port problem Ian Goldberg (May 21)