[7447] in bugtraq
Re: Fwd: Any user can panic OpenBSD machine
daemon@ATHENA.MIT.EDU (Todd C. Miller)
Wed Jul 29 01:36:11 1998
Date: Tue, 28 Jul 1998 17:02:24 -0600
Reply-To: "Todd C. Miller" <Todd.Miller@COURTESAN.COM>
From: "Todd C. Miller" <Todd.Miller@COURTESAN.COM>
X-To: Jason Thorpe <thorpej@nas.nasa.gov>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 28 Jul 1998 10:51:12 PDT."
<199807281751.KAA09455@lestat.nas.nasa.gov>
In message <199807281751.KAA09455@lestat.nas.nasa.gov>
so spake Jason Thorpe (thorpej):
> I'd also like to point out that the OpenBSD "fix" for the problem is
> incorrect.
>
> It is now possible for the OpenBSD read and write system calls to return
> garbage "bytes actually transfered" values.
Not as of this afternoon ;-) Personally, I think it's pretty stupid
that the return values for read/write are not large enough to encode
their size param. Actually, XPG does not prohibit the use of nbytes
> SSIZE_MAX, but that will hose people who check for a failed system
call by chaning against "< 0" instead of "== -1". What the "right"
thing to do here is largely a matter of opinion as I've seen no
standards doc that really specifies this (feel free to correct me).
- todd
