aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorColin Percival <cperciva@FreeBSD.org>2011-04-20 21:00:24 +0000
committerColin Percival <cperciva@FreeBSD.org>2011-04-20 21:00:24 +0000
commitb2a8d7a809fac5f7bb7b7f9ae01816e78c989983 (patch)
treed73d72eb2d0993b0f6b54035144092552573b056
parent29f5bedd4fbd01c51ad32ecbc5dde0d5293f03c4 (diff)
downloadsrc-b2a8d7a809fac5f7bb7b7f9ae01816e78c989983.tar.gz
src-b2a8d7a809fac5f7bb7b7f9ae01816e78c989983.zip
Fix CIDR parsing bug in mountd ACLs.
Approved by: so (cperciva) Security: FreeBSD-SA-11:01.mountd
Notes
Notes: svn path=/releng/8.1/; revision=220901
-rw-r--r--UPDATING3
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--usr.sbin/mountd/mountd.c2
3 files changed, 5 insertions, 2 deletions
diff --git a/UPDATING b/UPDATING
index 24f7a8ce290b..691648700355 100644
--- a/UPDATING
+++ b/UPDATING
@@ -15,6 +15,9 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW ON IA64 OR SUN4V:
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20110420: p3 FreeBSD-SA-11:01.mountd
+ Fix CIDR parsing bug in mountd ACLs.
+
20101129: p2 FreeBSD-SA-10:10.openssl
Fix OpenSSL multiple vulnerabilities.
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 97049e0f97bd..0618c8f33132 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="8.1"
-BRANCH="RELEASE-p2"
+BRANCH="RELEASE-p3"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
index 41a845f5b03a..f858a05f19be 100644
--- a/usr.sbin/mountd/mountd.c
+++ b/usr.sbin/mountd/mountd.c
@@ -2937,7 +2937,7 @@ makemask(struct sockaddr_storage *ssp, int bitlen)
for (i = 0; i < len; i++) {
bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen;
- *p++ = (1 << bits) - 1;
+ *p++ = (u_char)~0 << (CHAR_BIT - bits);
bitlen -= bits;
}
return 0;