in practice the only values of x betweeen 128 and 255 where ((1 + x) & 0x7f) != 1 + (x & 0x7f) are 128 and 255

(we know tag is in that range)

doesn't look like you can do much mischief with a maliciously crafted packet, though.

okay, the incorrect offset value you get is 0, so it then looks to fetch buf[1] again and check if it is 0x02.

okay, I'm nearly certain this is a harmless error that has zero impact on legit ldap traffic and can not be exploited.

just by pure dumb luck the 1 + tag & 0x7f computes the correct value for any of the likely length-of-length bytes you'd see in real traffic (0x81, 0x82, 0x83, or 0x84).

(I don't know ldap but I did beat my head against ASN.1 BER and DER for a while....)

sommerfeld hopefully all the damage has been healed...

can someone tell me how I build components from usr/src/cmd/ individually? i.e. vi for example?

if you have done nightly before on this tree, then start bldenv and then you can run make manually

bldenv does not build dependencies for you, making in cmd implies you have built and installed libraries

ah ok

you can get them built manually too -- after bldenv, cd usr/src; dmake setup, then cd lib; dmake install

but it is easier to have one nightly done before;)

yeah, bldenv was the secret ;)

thank you very much

yw

cw...does that mean "compiler wrapper"?

yes

well, or C wrapper:D

because we also had aw

ah

Now I'm fighting my way through the makefiles to figure out where it decides to build vi 32bit only.

where... somewhere deep in the makefiles :-P

it's just missing the Makefile.cmd.64 include, you have to say explicitly that you want 64bit build (for the moment)

ah!

that's the trick

I found that file

great, thanks yuripv - now I know how to proceed :0

:)

making vi great again?

making it 64bit ;)

so it can benefit from the features of the sparcv9 architecture! ;)

sommerfeld, i think the terms are even equal for 0x80, just differing for 0xff

oh, oops, misread my test program output which started at 0. In 0..255, differing only for 127 and 255

thank you for checking my work

I was cleaning out some boxes in my garage recently and came across a SPARCstation LX. I haven't plugged it in, no idea what state it's in but if anyone wants it its yours for the cost of shipping.

hadfl: Thank you. I updated the bug with the correction.

nomad: shipping from where?

US Pacific NW

mkay. thats too far away :)

Out of curiosity I just popped the case open. I didn't see any electrolyte or battery splooge but lets just say the shiny metal bits ain't shiny nomo.