Re: [PATCH] Fix potential use after free in uidswap.c (portable)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Mon, Jun 22, 2015 at 11:36 AM, Darren Tucker <dtucker@xxxxxxxxxx> wrote:

> On Sun, Jun 21, 2015 at 12:31 AM, Albert S. <mail@xxxxxxxxxxxxxxx> wrote:
>
>> Fixes a potential (but probably rather unlikely) use after free bug in
>> function temporarily_use_uid(), file uidswap.c.
>>
>
> Does seem unlikely (with zero entries there's no reason for it to deref
> the pointer), however reading the man pages it seems like there's no
> guarantee that it won't, so seems reasonable to me.  Damien?
>

Thanks, this has been committed and will be in the next release.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux