Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 23rd April 2012
jsmith6134 jsmith6134 is offline
Port Guard
Join Date: May 2009
Posts: 10
Default patch for CVE-2012-2110 - incorrect?

I was examining the patch for security fix for 5.0:


part of the patch looks incorrect:

- if (!BUF_MEM_grow_clean(b,len+want))
+ if (len + want < len || !BUF_MEM_grow_clean(b,len+want))

"len + want < len" should always be false unless "want" can be negative. If "want" could be negative and that is what the author was trying to detect, then the code should be written:

+ if (want < 0 || !BUF_MEM_grow_clean(b,len+want))

I realize the patch does not show the full source for the file. Am I missing something?
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Videos of Open Source Forum talks from CeBIT 2012 J65nko News 0 23rd March 2012 01:44 AM
Fosdem 2012 (4-5 February) Brussels -Belgium J65nko News 0 22nd January 2012 08:51 PM
Patch question Mr-Biscuit Off-Topic 6 4th May 2010 07:47 PM
Patch for libXemu-1.0.3,1 mjj FreeBSD Installation and Upgrading 1 3rd January 2010 09:47 PM
Incorrect df results (not -h, not a FAQ) nathang FreeBSD General 5 8th June 2008 06:44 AM

All times are GMT. The time now is 01:34 AM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick