Solved

FreeBSD-SA-01:55 Patching has errors on 4.1-RELEASE??

Posted on 2001-09-04
3
275 Views
Last Modified: 2010-04-21
guys,

Can anybody pls help me with this?
Patching this on 4.1-RELEASE has errors...!  as shown below.
 
>>1 out of 2 hunks failed--saving rejects to sys/miscfs/procfs/procfs_mem.c.rej
>>1 out of 3 hunks failed--saving rejects to sys/miscfs/procfs/procfs_vnops.c.rej
 
The security advisory says that:
This patch has been verified to apply to FreeBSD 4.3-RELEASE and
4.2-RELEASE
 
What about us on 4.1-RELEASE??
How do I get this patch to work... pls advice.
 
Thanks
 
=========================================================

FreeBSD-SA-01:55
Topic: procfs vulnerability leaks set[ug]id process memory

###########################################################
hostname# cd /usr/src
hostname# patch -p < /usr/home/sysman/procfs.patch
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/i386/linux/linprocfs/linprocfs_vnops.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/i386/linux/linprocfs/Attic/linprocfs_vnops.c,v
|retrieving revision 1.3.2.4
|retrieving revision 1.3.2.5
|diff -u -r1.3.2.4 -r1.3.2.5
|--- sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/06/25 19:46:47     1.3.2.4
|+++ sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/08/12 14:29:19     1.3.2.5
--------------------------
Patching file sys/i386/linux/linprocfs/linprocfs_vnops.c using Plan A...
Hunk #1 succeeded at 62 (offset -2 lines).
Hunk #2 succeeded at 140 (offset -2 lines).
Hunk #3 succeeded at 459 (offset 6 lines).
Hunk #4 succeeded at 519 with fuzz 1 (offset -9 lines).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs.h
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs.h,v
|retrieving revision 1.32.2.1
|retrieving revision 1.32.2.2
|diff -u -r1.32.2.1 -r1.32.2.2
|--- sys/miscfs/procfs/procfs.h 2000/11/01 20:19:48     1.32.2.1
|+++ sys/miscfs/procfs/procfs.h 2001/08/12 14:29:19     1.32.2.2
--------------------------
Patching file sys/miscfs/procfs/procfs.h using Plan A...
Hunk #1 succeeded at 88.
Hunk #2 succeeded at 138 (offset -7 lines).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs_mem.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs_mem.c,v
|retrieving revision 1.46.2.1
|retrieving revision 1.46.2.2
|diff -u -r1.46.2.1 -r1.46.2.2
|--- sys/miscfs/procfs/procfs_mem.c     2000/11/01 20:19:48     1.46.2.1
|+++ sys/miscfs/procfs/procfs_mem.c     2001/08/12 14:29:19     1.46.2.2
--------------------------
Patching file sys/miscfs/procfs/procfs_mem.c using Plan A...
Hunk #1 failed at 244.
Hunk #2 succeeded at 281.
1 out of 2 hunks failed--saving rejects to sys/miscfs/procfs/procfs_mem.c.rej
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs_vnops.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs_vnops.c,v
|retrieving revision 1.76.2.4
|retrieving revision 1.76.2.5
|diff -u -r1.76.2.4 -r1.76.2.5
|--- sys/miscfs/procfs/procfs_vnops.c   2001/08/04 13:12:24     1.76.2.4
|+++ sys/miscfs/procfs/procfs_vnops.c   2001/08/12 14:29:19     1.76.2.5
--------------------------
Patching file sys/miscfs/procfs/procfs_vnops.c using Plan A...
Hunk #1 failed at 148.
Hunk #2 succeeded at 476.
Hunk #3 succeeded at 551.
1 out of 3 hunks failed--saving rejects to sys/miscfs/procfs/procfs_vnops.c.rej
done
0
Comment
Question by:thiamwah
  • 2
3 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 6456956
I suspect finxing this problem on 4.1 might be more effort than you'd want to go to. You''d need to analyze the patch to determine the intent of the changes and examine the 4.1 code to figure out how to make those changes to it. Personally, I'd upgrade the system to 4.3 and then track STABLE with cvsup. Assuming of course that you don't have some application the will only run on 4.1.
0
 

Author Comment

by:thiamwah
ID: 6462988
hi jlevie,

I am a bit paranoid about having to CVSUp the whole source and recompiling them because I tried on a
Pentium Celeron with 64 MB ram, and it tooks hours to even download the whole source. And I read comments
that it will take another 3.5 hours to recompile the sources. YIKES! :)

Compiling kernels is OK to me but compiling the whole source tree.. !

My production machines are all DELL Dual Pentium 3 CPUs with 512 MB RAM. I wonder how would they fare
? How do I minimize the chances that anything would go wrong inn your experience of cvsuping sources
on a prod machine?

Are they any links in your recommendation that I can refer to for this topic? Pls advice!

Thanks a million
0
 
LVL 40

Accepted Solution

by:
jlevie earned 100 total points
ID: 6469216
See you other question for a reply.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now