From owner-freebsd-stable Thu May 13 8: 5: 4 1999 Delivered-To: freebsd-stable@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 4AF1514EED for ; Thu, 13 May 1999 08:05:02 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id IAA12753 for ; Thu, 13 May 1999 08:05:01 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id IAA13231 for ; Thu, 13 May 1999 08:05:00 -0700 (PDT) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id IAA04510 for stable@freebsd.org; Thu, 13 May 1999 08:04:59 -0700 (PDT) Date: Thu, 13 May 1999 08:04:59 -0700 (PDT) From: Don Lewis Message-Id: <199905131504.IAA04510@salsa.gv.tsc.tdk.com> To: stable@freebsd.org Subject: potential inetd heap corruptor found Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I finally got bit by the inetd malloc bug on a newly upgrade 3.1-STABLE machine a couple weeks ago. Of course, it only happened right after the first boot and was totally unreproduceable. I finally had some time last night to try to track down the problem. I went after inetd and the libraries it was using with the bc-gcc and turned up a bug in login_class() that has the potential to corrupt the heap. See PR bin/11687 for more information and a patch. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message