what actually uses xdr_mem.c?
Colin Percival
colin.percival at wadham.ox.ac.uk
Thu Mar 27 07:29:48 PST 2003
At 02:25 27/03/2003 +0000, I wrote:
> To clarify: I'm not sure if my code worked properly here. It certainly
> hasn't missed any files, but it might have introduced false positives --
> I was surprised by the number of files it identified as having
> changed. I'm currently looking at this in more detail to determine if in
> fact these are false positives.
And the answer is, they're not false positives. libc/xdr/xdr_mem is
used by libc/rpc/clnt_tcp, which is used by libc/yp/yplib, and that is
included in:
/bin/csh
/bin/date
/bin/ls
/bin/mv
/bin/pax
/bin/ps
/bin/rcp
/bin/rm
/bin/sh
/bin/tcsh
/bin/unlink
/sbin/atm
/sbin/dhclient
/sbin/dump
/sbin/fastboot
/sbin/fasthalt
/sbin/fsck
/sbin/fsdb
/sbin/halt
/sbin/ifconfig
/sbin/init
/sbin/ip6fw
/sbin/ipf
/sbin/ipfstat
/sbin/ipfw
/sbin/ipmon
/sbin/ipnat
/sbin/mknod
/sbin/mount
/sbin/mount_msdos
/sbin/mount_nfs
/sbin/mount_ntfs
/sbin/mount_nwfs
/sbin/mount_portal
/sbin/mountd
/sbin/natd
/sbin/nfsd
/sbin/nos-tun
/sbin/ping
/sbin/ping6
/sbin/quotacheck
/sbin/rdump
/sbin/reboot
/sbin/restore
/sbin/route
/sbin/routed
/sbin/rrestore
/sbin/rtquery
/sbin/shutdown
/sbin/umount
/sbin/vinum
/usr/bin/tar
/usr/lib/libc.a
/usr/lib/libc.so.4
/usr/lib/libc_p.a
/usr/lib/libc_pic.a
/usr/lib/libc_r.a
/usr/lib/libc_r.so.4
/usr/lib/libc_r_p.a
/usr/libexec/elf/gdb
Of course, in most (all?) of these cases it would be impossible to
exploit the xdr bug, but all those files contain the modified code.
Colin Percival
More information about the freebsd-security
mailing list