From owner-freebsd-hackers@FreeBSD.ORG  Tue Jun 24 06:50:05 2014
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C0BBBD8A
 for <freebsd-hackers@freebsd.org>; Tue, 24 Jun 2014 06:50:05 +0000 (UTC)
Received: from tensor.andric.com (tensor.andric.com [87.251.56.140])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (Client CN "tensor.andric.com", Issuer "CAcert Class 3 Root" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7DEA124BD
 for <freebsd-hackers@freebsd.org>; Tue, 24 Jun 2014 06:50:05 +0000 (UTC)
Received: from [IPv6:2001:7b8:3a7::f19a:b5ec:19bc:1f6c] (unknown
 [IPv6:2001:7b8:3a7:0:f19a:b5ec:19bc:1f6c])
 (using TLSv1 with cipher AES128-SHA (128/128 bits))
 (No client certificate requested)
 by tensor.andric.com (Postfix) with ESMTPSA id A9ADB5C44;
 Tue, 24 Jun 2014 08:50:01 +0200 (CEST)
Content-Type: multipart/signed;
 boundary="Apple-Mail=_DD81146C-A42E-4367-BFF5-12681B0F113F";
 protocol="application/pgp-signature"; micalg=pgp-sha1
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
Subject: Re: OB1
From: Dimitry Andric <dim@FreeBSD.org>
In-Reply-To: <53A8FBD7.8000900@gmx.com>
Date: Tue, 24 Jun 2014 08:49:43 +0200
Message-Id: <12DA5575-B773-4D28-83BB-5AD1F1C84469@FreeBSD.org>
References: <20140622135308.GF1824@pwnie.vrt.sourcefire.com>
 <53A8FBD7.8000900@gmx.com>
To: dt71@gmx.com
X-Mailer: Apple Mail (2.1878.2)
Cc: freebsd-hackers@freebsd.org
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jun 2014 06:50:05 -0000


--Apple-Mail=_DD81146C-A42E-4367-BFF5-12681B0F113F
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=us-ascii

On 24 Jun 2014, at 06:17, dt71@gmx.com wrote:
> Speaking of backdoors...
> 
> lib/libugidfw/ugidfw.c:
>> if (len < 0 || len > left)
> 
> ):<

Well, it's just another off-by-one, no need for conspiracy theories. :)

Btw, I'd mailed about this in 2011 already, but it really isn't very
important.  The only consumer is ugidfw, and then only to print out the
parsed rules.

-Dimitry


--Apple-Mail=_DD81146C-A42E-4367-BFF5-12681B0F113F
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

iEYEARECAAYFAlOpH5MACgkQsF6jCi4glqOuxgCg1jfgvhJnyV8ARSJufSkW0sH6
MzMAoIHjrb0LiA6QN6xmBzNDwqbd2Efj
=THR0
-----END PGP SIGNATURE-----

--Apple-Mail=_DD81146C-A42E-4367-BFF5-12681B0F113F--