On Thu, 15 Apr 1999, Philip Tait wrote:

> This advisory does not seem to be accurate. 'syssrc.tgz' for NetBSD 1.3.3 contains
> what appears to be a corrected version of vfs_lookup.c.  Also, I cannot reproduce

Please check again. I just checked the 1.3.3 syssrc.tgz file, and
vfs_lookup.c contained:

                if ((cnp->cn_flags & LOCKPARENT) && ndp->ni_pathlen == 1)
                        VOP_UNLOCK(ndp->ni_dvp);

The ndp->ni_pathlen == 1 is wrong, and the focus of the security patch.

> the problem on my system:
> 
> $ uname -a
> NetBSD phxtst45 1.3.3 NetBSD 1.3.3 (GENERIC) #0: Sat Dec 12 15:08:02 EST 1998
> root@vlad:/usr/src/sys/arch/pmax/compile/GENERIC pmax
> $ ln -s ./ test

Note: you must repeat the above command TWICE to have problems. If only
one occurence caused problems, the bug would have been found long ago. :-)

Also, you are on pmax which seems to have its own unique failure mode,
which we don't understand at the moment.

> $ ls -l test
> lrwxr-xr-x  1 pjt  wheel  2 Apr 15 10:12 test -> ./

Take care,

Bill