cvs commit: src/sys/compat/linux linux_misc.c
dom at helenmarks.co.uk
Sat Jun 24 12:17:13 UTC 2006
Alexander Leidinger wrote:
> Quoting Alexander Leidinger <netchild at FreeBSD.org> (Fri, 23 Jun 2006
> 18:49:38 +0000 (UTC)):
>> netchild 2006-06-23 18:49:38 UTC
>> FreeBSD src repository
>> Modified files:
>> sys/compat/linux linux_misc.c
>> The linux times syscall can be called with a NULL pointer, so keep
>> and don't panic.
>> This fix is different from the patch submitted as it not only
>> a NULL-pointer dereference, but also skips some work in this case.
> I realized this may be a little bit misleading...
> The NULL pointer is used as the destination in a copyout. And it
> some kind of time values (current time). So this will overwrite parts
> at the userland address 0. This will not lead to a kernel panic, but
> will do malicious things to the program which uses the linux times
> syscall. So this is not a DoS in any case. The problematic case is
> a linux program uses a NULL pointer in the times syscall
> This may render the service which uses such a linux program useless
> sometimes. For programs which use NULL there every time, this is not a
> DoS, it's just a normal bug (e.g. you can't use Oracle 10g Express)
> which prevents the use of this program.
> So this is not a a huge security flaw, it's more a not so small
> inconvenience. Since the RELENG_x_y branches are under control of the
> secteam, I used the "Security:" mark up to encode the possible need to
> merge this (I'm assuming Oracle 10g is important enough that we want
> our users to be able to run it).
> For the curious people: there are two more patches needed to run
> 10g. They involve linprocfs and pseudofs. I will take care of them
> later (and if this commit is subject to a merge to RELENG_x_y, the
> two patches should be too, but this will the powers with hats
We use lots of Oracle at work but currently on Windows and Solaris.
I'd be interested in testing and helping document '10g on FreeBSD'
this once these patches are available / in the tree.
> ...and that is how we know the Earth to be banana-shaped.
> http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
> http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
> cvs-src at freebsd.org mailing list
> To unsubscribe, send any mail to "cvs-src-unsubscribe at freebsd.org"
More information about the cvs-src