no patch, is there a problem

Colin Percival cperciva at
Thu Mar 17 21:37:16 PST 2005

David Schultz wrote:
> On Thu, Mar 17, 2005, Colin Percival wrote:
>>We're not affected.  The problem is in copyoutstr(),
>>which doesn't exist in FreeBSD.
> It exists on FreeBSD/alpha because it was blindly copied from
> NetBSD.  However, we don't use it, and it appears to do proper
> validation anyway.

Heh.  The problem was in Net/OpenBSD's implementations of
copyoutstr() on i386 and amd64 only.

> I'm not sure whether the bugtraq submitter is intentionally
> spreading FUD or just lazy; the assertion that we do ``no
> validation'' in copyout is patently false.

I'm sure someone wrote "multiple BSDs" and someone else read
that as including FreeBSD.  The problem description was correct,
for the affected systems -- the i386 and amd64 versions of
copystrout() on OpenBSD and NetBSD did not do any validation
of the target address.

Colin Percival

More information about the freebsd-security mailing list