Subject: Re: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library
To: None <tech-security@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 03/24/2003 11:37:41

On Wed, 19 Mar 2003, CERT Advisory wrote:

> NetBSD
>
>    The length types of the various xdr*_getbytes functions were made
>    consistent somewhere back in 1997 (all u_int), so we're not vulnerable
>    in that area.

Does this mean NetBSD is not vulnerable at all to this CERT Advisory
CA-2003-10 Integer overflow in Sun RPC XDR library routines?

P src/include/rpc/xdr.h
P src/lib/libc/rpc/xdr_mem.c

The xdr_mem.c fix mentions "overflow, and then overwrite valid memory."

Is this related? (Is this another advisory?)

Thanks,

   Jeremy C. Reed
   http://bsd.reedmedia.net/