Synopsis: Kernel memory disclosure via ibcs2
NetBSD versions: 1.5.3, 1.5.2, 1.5.1, 1.5
Thanks to:
[email protected]
Reported in NetBSD Security Advisory: NetBSD-SA2003-013
Index: ibcs2_stat.c
===================================================================
RCS file: /cvsroot/src/sys/compat/ibcs2/ibcs2_stat.c,v
retrieving revision 1.14.4.2
retrieving revision 1.14.4.3
diff -u -r1.14.4.2 -r1.14.4.3
--- ibcs2_stat.c 2002/09/04 04:09:08 1.14.4.2
+++ ibcs2_stat.c 2003/08/27 05:31:56 1.14.4.3
@@ -111,6 +111,11 @@
int len;
{
struct ibcs2_statvfs ssvfs;
+
+ if (len < 0)
+ return (EINVAL);
+ if (len > sizeof(ssvfs))
+ len = sizeof(ssvfs);
if (len < 0)
return (EINVAL);
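Review bot: the added "if (len < 0) return (EINVAL);" right after the ssvfs declaration duplicates the identical check that the trailing context lines show was already there, so the second test can never fire; keep a single negative check and put the clamp directly after it. The clamp "if (len > sizeof(ssvfs))" compares a signed int against a size_t, which is only correct because the negative case has already been rejected; a one-line comment saying that the order matters and that len is being bounded to the size of the local ssvfs would keep a later cleanup of the duplicate from removing the wrong check.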