[wellylug] Critical Linux security hole, bad news & good news.
David Antliff
david.antliff at gmail.com
Fri May 5 10:54:17 NZST 2006
Simon Antliff wrote:
> On 5/5/06, Brent Wood <> wrote:
>> Critical flaws do happen, but fixes are quick :-)
>
> The article says a missing closing parenthesis was to blame. Surely
> the opening parenthesis would be missing too? I don't know of a
> language that lets you get away with unbalanced syntax.
No, it was a case of a missing '()' on a function call, thereby using
the value of the function pointer, rather than the return value of the
function (i.e. it wasn't called). I can't recall the exact code but it
was something like:
    if (.... || geteuid == 0) ...
Of course that should have been:
    if (.... || geteuid() == 0) ...
And function pointers compared to zero rather than NULL should throw a C
compiler warning... another good reason for requiring clean compiles.
--
David.
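
The missing call parentheses described in the post above, as an added example that is not part of the original message or of the affected project's code; the function names, the `uid_source` type and the stub UIDs are constructed for illustration. It also shows that the same slip made through a function-pointer variable draws no `-Waddress` warning (enabled by `-Wall` in GCC), since the compiler cannot prove that pointer non-null.

```c
/* Added example, not the code the post refers to. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Buggy form from the post: no "()", so the address of geteuid is compared
 * with 0. A function's address is never null, so this is always false and
 * the effective UID is never read. The pragma only keeps this demo building
 * under -Werror; delete it to see the -Waddress diagnostic. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Waddress"
int euid_is_root_buggy(void) { return geteuid == 0; }
#pragma GCC diagnostic pop

/* Corrected form: the function is called and its return value compared. */
int euid_is_root_fixed(void) { return geteuid() == 0; }

/* Same mistake through a pointer variable (hypothetical names). The compiler
 * cannot know the pointer is non-null, so no warning is issued here. */
typedef uid_t (*uid_source)(void);
static uid_t stub_root(void) { return 0; }    /* constructed: pretends euid 0 */
static uid_t stub_user(void) { return 1000; } /* constructed: pretends euid 1000 */

int gate_buggy(uid_source get) { return get == 0; }   /* tests the address */
int gate_fixed(uid_source get) { return get() == 0; } /* tests the value */

int main(void)
{
    printf("direct  buggy=%d fixed=%d\n",
           euid_is_root_buggy(), euid_is_root_fixed());
    printf("as root buggy=%d fixed=%d\n",
           gate_buggy(stub_root), gate_fixed(stub_root));
    printf("as user buggy=%d fixed=%d\n",
           gate_buggy(stub_user), gate_fixed(stub_user));
    return 0;
}
```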