misc/104747: read of data
Maxim Konovalov
maxim at macomnet.ru
Tue Oct 24 06:00:49 PDT 2006
The following reply was made to PR misc/104747; it has been noted by GNATS.
From: Maxim Konovalov <maxim at macomnet.ru>
To: Vladimir <worms at inbox.ru>
Cc: bug-followup at freebsd.org
Subject: Re: misc/104747: read of data
Date: Tue, 24 Oct 2006 16:58:02 +0400 (MSD)
On Tue, 24 Oct 2006, 12:35-0000, Vladimir wrote:
>
> >Number: 104747
> >Category: misc
> >Synopsis: read of data
> >Confidential: no
> >Severity: serious
> >Priority: high
> >Responsible: freebsd-bugs
> >State: open
> >Quarter:
> >Keywords:
> >Date-Required:
> >Class: sw-bug
> >Submitter-Id: current-users
> >Arrival-Date: Tue Oct 24 12:40:15 GMT 2006
> >Closed-Date:
> >Last-Modified:
> >Originator: Vladimir
> >Release: 5.X 6.X
> >Organization:
> Alpenbau
> >Environment:
> DDoS
> >Description:
> /* FreeBSD cvs commit: src/sys/ufs/ufs/ufs_vnops.c maxim 2006-05-31 13:15:29 UTC
> Log: According to POSIX, the result of ftruncate(2) is unspecified
> for file types other than VREG, VDIR and shared memory objects.
> We already handle VREG, VLNK and VDIR cases. Silently ignore
> truncate requests for all the rest. PR kern/98064
> it out in '06 !"#%&%(20061013)(="#"!
> tested on FreeBSD 6.0-RELEASE-p5, 6.1-RELEASE-p10 (latest at the time of writing) - it just makes the system reboot, and with a bit of luck fucks up the filesystem. that sort of makes this 0day local freebsd denial of service for non-CURRENT or whatever.
> usage: ./run me
> */
We fixed this bug in HEAD, RELENG_6 and therefore in upcoming
6.2-RELEASE. Could you please clarify your point a bit more?
--
Maxim Konovalov
More information about the freebsd-bugs
mailing list