[prev in list] [next in list] [prev in thread] [next in thread]
List: user-mode-linux-devel
Subject: Re: [uml-devel] security bug in uml_net.c?
From: Steve Schnepp <snide () free ! fr>
Date: 2003-05-24 10:07:01
[Download RAW message or body]
On Fri, May 23, 2003 at 11:31:06PM -0400, SecurityTracker wrote:
> Suggested patch: uml_net.c
> - if(v > CURRENT_VERSION){
> + if ((v > CURRENT_VERSION) || (v < 0)) {
That's the minimal change patch. Perfect suggestion, since it has
the least side effects.
But what about the idea to declare v directly as an unsigned int ?
Steve
--
GPG public key available from http://snide.free.fr/gpg/snide-free.fr.asc
Or by email to "snide at free.fr" with "send key pub" as subject
Fingerprint: 91E3 C5F1 2641 4D0F EDD0 7116 D187 5929 14A8 FDA2
-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic