00:01:15 <sommerfeld> in practice the only values of x betweeen 128 and 255 where ((1 + x) & 0x7f) != 1 + (x & 0x7f) are 128 and 255
00:01:48 <sommerfeld> (we know tag is in that range)
00:03:56 <sommerfeld> doesn't look like you can do much mischief with a maliciously crafted packet, though.
00:05:05 <sommerfeld> okay, the incorrect offset value you get is 0, so it then looks to fetch buf[1] again and check if it is 0x02.
00:05:38 <sommerfeld> okay, I'm nearly certain this is a harmless error that has zero impact on legit ldap traffic and can not be exploited.
00:20:48 <sommerfeld> just by pure dumb luck the 1 + tag & 0x7f computes the correct value for any of the likely length-of-length bytes you'd see in real traffic (0x81, 0x82, 0x83, or 0x84).
00:22:54 <sommerfeld> (I don't know ldap but I did beat my head against ASN.1 BER and DER for a while....)
06:59:32 <tsoome> sommerfeld hopefully all the damage has been healed...
07:43:48 <Agnar> can someone tell me how I build components from usr/src/cmd/ individually? i.e. vi for example?
07:52:11 <tsoome> if you have done nightly before on this tree, then start bldenv and then you can run make manually
07:53:16 <tsoome> bldenv does not build dependencies for you, making in cmd implies you have built and installed libraries 
07:54:20 <Agnar> ah ok
07:55:05 <tsoome> you can get them built manually too -- after bldenv, cd usr/src; dmake setup, then cd lib; dmake install
07:55:22 <tsoome> but it is easier to have one nightly done before;)
07:55:28 <Agnar> yeah, bldenv was the secret ;)
07:58:38 <Agnar> thank you very much
08:38:51 <tsoome> yw
08:47:43 <Agnar> cw...does that mean "compiler wrapper"?
11:42:29 <tsoome> yes
11:43:04 <tsoome> well, or C wrapper:D
11:43:20 <tsoome> because we also had aw
11:56:50 <Agnar> ah
11:57:26 <Agnar> Now I'm fighting my way through the makefiles to figure out where it decides to build vi 32bit only.
11:59:05 <otis> where... somewhere deep in the makefiles :-P
11:59:50 <yuripv> it's just missing the Makefile.cmd.64 include, you have to say explicitly that you want 64bit build (for the moment)
11:59:59 <Agnar> ah!
12:00:08 <Agnar> that's the trick
12:00:13 <Agnar> I found that file
12:09:15 <Agnar> great, thanks yuripv - now I know how to proceed :0
12:09:17 <Agnar> :)
13:30:05 <tsoome> making vi great again?
13:30:25 <Agnar> making it 64bit ;)
13:31:55 <Agnar> so it can benefit from the features of the sparcv9 architecture! ;)
16:14:10 <hadfl> sommerfeld, i think the terms are even equal for 0x80, just differing for 0xff
17:20:59 <sommerfeld> oh, oops, misread my test program output which started at 0.   In 0..255, differing only for 127 and 255
17:21:12 <sommerfeld> thank you for checking my work
17:24:56 <nomad> I was cleaning out some boxes in my garage recently and came across a SPARCstation LX. I haven't plugged it in, no idea what state it's in but if anyone wants it its yours for the cost of shipping.
17:26:50 <sommerfeld> hadfl: Thank you.  I updated the bug with the correction.
18:27:11 <Woodstock> nomad: shipping from where?
18:27:43 <nomad> US Pacific NW
18:28:53 <Woodstock> mkay. thats too far away :)
18:28:59 * nomad nods
20:15:09 <nomad> Out of curiosity I just popped the case open. I didn't see any electrolyte or battery splooge but lets just say the shiny metal bits ain't shiny nomo.