Re: [pcp] PCP bugs from SGI

To:	Martin Hicks <mort@xxxxxxxx>
Subject:	Re: [pcp] PCP bugs from SGI
From:	Greg Banks <gnb@xxxxxxxx>
Date:	Mon, 15 Mar 2010 20:42:26 +1100
Cc:	Nathan Scott <nathans@xxxxxxxxxx>, kenj@xxxxxxxxxxxxxxxx, pcp@xxxxxxxxxxx
Dkim-signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=L3EnHQNeXtHBIXIxYJvIL3bAyQVU+c1/viWIjk/VFtI=; b=rGWnWX3jJS0IqBMMqcXEJJkINCFXEUh781VRjlzlzaJngxoY15P5mixDfqmT/rQ/in 3CZ+LR9KAaGNCZZYECx6nuu0xh4C3A82Dqu8C58X0i1QQyw2dQXwpAWP7e0ODGrfwq4J GkRXo72dqM3wwYY6AvDSKAmuOC+focup3HS1w=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=Bde3jQHD0tdESB9EgfoSoZuVUMqcwm/mFzJEbYL9STMINMtlXEPbDByh+Jix2BkGZt R16K/2noYiabvMnZt94GUQZUVKg51YEM5IRvDmS+t/yi68ZgXdy07xKQn9v/v8rougqF f1UR+K5hoaXtKTlCyAcnIRDDKRhGVHsceBDUY=
In-reply-to:	<20100313161134.GA3247@xxxxxxxxxxxxxxxxx>
References:	<1268429609.2642.690.camel@xxxxxxxxxxxxxxxx> <1762449926.1194231268441576454.JavaMail.root@xxxxxxxxxxxxxxxxxx> <20100313161134.GA3247@xxxxxxxxxxxxxxxxx>
Sender:	greg.n.banks@xxxxxxxxx

On Sun, Mar 14, 2010 at 3:11 AM, Martin Hicks <mort@xxxxxxxx> wrote:
>
> On Sat, Mar 13, 2010 at 11:52:56AM +1100, Nathan Scott wrote:
>>
>> ----- "Ken McDonell" <kenj@xxxxxxxxxxxxxxxx> wrote:
>>
>> > OK, this was sloppy coding on my part, but it has probability of
>> > occurrence that close to, or less than, the chance that I'll live to
>> > 100
>> > years old.
>> >
>> > Because I'm retired and have nothing better to do (sigh), the
>> > attached
>> > patch addresses the issue ... if someone else would care to review it
>> > and it looks acceptable, I'll gladly commit it into my oss tree.
>>
>> Looking good.

Patch looks good to me too.

>>
>> The memory allocation based on the ntohl(pduProfile->numprof), or
>> instprof->profile_len, value looks like it could still use some
>> kind of ceiling sanity test?  (as per Gregs bug)
>
> Yeah, it was that comment that struck me as the more important point.
> Letting an arbitrary network-connected client allocate arbitrary amounts
> of memory as root on the pmcd machine seems pretty terrible.

What they said.  While memory is plentiful today, so are malicious people.


-- 
Greg.

<Prev in Thread]	Current Thread	[Next in Thread>
PCP bugs from SGI, Martin Hicks Re: [pcp] PCP bugs from SGI, Ken McDonell Re: [pcp] PCP bugs from SGI, Nathan Scott Re: [pcp] PCP bugs from SGI, Martin Hicks Re: [pcp] PCP bugs from SGI, Greg Banks <= Re: [pcp] PCP bugs from SGI, Ken McDonell Re: [pcp] PCP bugs from SGI, Martin Hicks

Previous by Date:	Re: [pcp] PCP bugs from SGI, Martin Hicks
Next by Date:	Re: [pcp] PCP bugs from SGI, Martin Hicks
Previous by Thread:	Re: [pcp] PCP bugs from SGI, Martin Hicks
Next by Thread:	Re: [pcp] PCP bugs from SGI, Ken McDonell
Indexes:	[Date] [Thread] [Top] [All Lists]