Update to KSR[T] Advisory #002 Our advisory contained one serious piece of mis-information. The latest version of ld.so that we tested (1.9.2) still appeared to be vulnerable to this overflow. We strongly recommend that anyone running linux install the patch distributed with the advisory, or wait for your vendor to release an updated ld.so package and install that as soon as possible. The patch is available from our web site (http://www.dec.net/ksrt). We apologize for any confusion this might have caused. KSR[T] Team ----- KSR[T] Website : http://www.dec.net/ksrt E-mail: ksrt@dec.net
The patch supplied with the advisory didn''t quite work against 1.9.2 or
1.8.10. I couldn''t compile ld.so. I''ve compiled a lot of
programs against
libc-5.4.23 that I believe wont work with an older libc.
The patch was for ld.so-1.7.4 while I believe I need at least 1.8.1. I
made the following changes, but really don''t know what I''m
doing. Would
someone please verify if this is OK to do? This included patch is against
ld.so-1.9.2 AFTER the advisory patch was applied. Thanks very much, Dan
--- ld-so/ld.so.c-1.9.2patched Fri Jul 18 19:16:54 1997
+++ ld-so/ld.so.c Fri Jul 18 19:18:15 1997
@@ -245,7 +245,7 @@
save_mapinfo(mapinfo);
#endif
argv0 = va_arg(ap, char *);
- argv0 = arg_remap(argv0);
+ argv0 = argv_remap(argv0);
__environ = va_arg(ap, char **);
__SHARED_LIBRARIES__ = va_arg(ap, struct libentry **);
_SHARABLE_CONFLICTS__ = va_arg(ap, struct fixuplist *);
@@ -367,7 +367,7 @@
{
if(nlibs==11)
{
- fdprintf(2, "%s: too many
preloads\n",argv[0]);
+ fdprintf(2, "%s: too many preloads\n",argv0);
exit(EXIT_FATAL);
}
libs[nlibs] = alloca(strlen(buffer)+1);
This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --567214411-2105302250-869475708=:3243 Content-Type: TEXT/PLAIN; charset=US-ASCII On Fri, 18 Jul 1997, KSR[T] wrote:> Our advisory contained one serious piece of mis-information. The latest > version of ld.so that we tested (1.9.2) still appeared to be > vulnerable to this overflow. > > We strongly recommend that anyone running linux install the patch > distributed with the advisory, or wait for your vendor to release > an updated ld.so package and install that as soon as possible. > > The patch is available from our web site (http://www.dec.net/ksrt). > > We apologize for any confusion this might have caused. >Since other overflows were found in ld.so of both elf and a.out, I''ve made a patch that converts vsprintf() into vsnprintf() and included fixed version of the original patch and suggested fix about 11-th item in libraries list. The patch is against ld.so 1.9.2 distribution. -- Alex --567214411-2105302250-869475708=:3243 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=ld-fix Content-Transfer-Encoding: BASE64 Content-ID: <Pine.LNX.3.95.970721020148.3243C@phobos.illtel.denver.co.us> Content-Description: ld.so 1.9.2 fix ZGlmZiAtcnUgbGQuc28tMS45LjIvQ29uZmlnLm1rIGxkLnNvLTEuOS4yLWZp eGVkL0NvbmZpZy5taw0KLS0tIGxkLnNvLTEuOS4yL0NvbmZpZy5tawlUdWUg TWFyIDE4IDE4OjQxOjA4IDE5OTcNCisrKyBsZC5zby0xLjkuMi1maXhlZC9D b25maWcubWsJRnJpIEp1bCAxOCAwMTowOTo0MyAxOTk3DQpAQCAtMiw3ICsy LDcgQEANCiAjQVJDSCA9IG02OGsNCiAjQVJDSCA9IHNwYXJjDQogI0RFQlVH ID0gdHJ1ZQ0KLSNBT1VUX1NVUFBPUlQgPSB0cnVlDQorQU9VVF9TVVBQT1JU ID0gdHJ1ZQ0KIA0KIExEU09fQUREUiA9IDYyZjAwMDIwDQogTERTT19FTlRS WSA9ICIweCQoTERTT19BRERSKSINCkBAIC0xOSw4ICsxOSw4IEBADQogUkFO TElCID0gcmFubGliDQogDQogaWZlcSAoJChBUkNIKSxpMzg2KQ0KLUFPVVRD QyA9IC91c3IvaTQ4Ni1saW51eGFvdXQvYmluL2djYw0KLSNBT1VUQ0MgPSBn Y2MgLWIgaTQ4Ni1saW51eGFvdXQNCisjQU9VVENDID0gL3Vzci9pNDg2LWxp bnV4YW91dC9iaW4vZ2NjDQorQU9VVENDID0gZ2NjIC1iIGk0ODYtbGludXhh b3V0DQogQU9VVExEID0gL3Vzci9pNDg2LWxpbnV4YW91dC9iaW4vbGQgLW0g aTM4NmxpbnV4DQogZW5kaWYNCiBpZmVxICgkKEFSQ0gpLG02OGspDQpkaWZm IC1ydSBsZC5zby0xLjkuMi9kLWxpbmsvYm9vdDEuYyBsZC5zby0xLjkuMi1m aXhlZC9kLWxpbmsvYm9vdDEuYw0KLS0tIGxkLnNvLTEuOS4yL2QtbGluay9i b290MS5jCVR1ZSBNYXIgMTggMTg6MDE6MTYgMTk5Nw0KKysrIGxkLnNvLTEu OS4yLWZpeGVkL2QtbGluay9ib290MS5jCUZyaSBKdWwgMTggMDE6MDU6MTQg MTk5Nw0KQEAgLTExNCwxMCArMTE0LDEyIEBADQogDQogI2RlZmluZSBBTExP V19aRVJPX1BMVEdPVA0KIA0KKyNkZWZpbmUgRUxGX0xEU09fSU1BR0UgIi9s aWIvbGQtbGludXguc28uMSINCisNCiBzdGF0aWMgY2hhciAqIF9kbF9tYWxs b2NfYWRkciwgKl9kbF9tbWFwX3plcm87DQogY2hhciAqIF9kbF9saWJyYXJ5 X3BhdGggPSAwOyAvKiBXaGVyZSB3ZSBsb29rIGZvciBsaWJyYXJpZXMgKi8N CiBjaGFyICpfZGxfcHJlbG9hZCA9IDA7IC8qIFRoaW5ncyB0byBiZSBsb2Fk ZWQgYmVmb3JlIHRoZSBsaWJzLiAqLw0KLWNoYXIgKl9kbF9wcm9nbmFtZSA9 ICIvbGliL2xkLWxpbnV4LnNvLjEiOw0KK2NoYXIgKl9kbF9wcm9nbmFtZSA9 IEVMRl9MRFNPX0lNQUdFOw0KIHN0YXRpYyBjaGFyICogX2RsX25vdF9sYXp5 ID0gMDsNCiBzdGF0aWMgY2hhciAqIF9kbF93YXJuID0gMDsgLyogVXNlZCBi eSBsZGQgKi8NCiBzdGF0aWMgY2hhciAqIF9kbF90cmFjZV9sb2FkZWRfb2Jq ZWN0cyA9IDA7DQpAQCAtMTcxLDYgKzE3Myw0NSBAQA0KICNlbmRpZg0KIA0K IC8qDQorICoJU3RvcCBhcmd2MCBvdmVyZmxvd2luZyB2c3ByaW50ZiwgYnV0 IGFsc28gdHJ5IHRvIHN0b3AgZmFsc2UgcG9zaXRpdmVzDQorICoJV2Ugb2Jl eSB0aGUgZm9sbG93aW5nIHJ1bGUNCisgKg0KKyAqCUlmIG5hbWVzaXplIDwg MjU2ICBrZWVwDQorICoJSWYgbmFtZSBmcm9tIGxhc3QgLyA8IDI1NiB1c2Ug dGhhdA0KKyAqCWVsc2UgdXNlIEVMRl9MRFNPX0lNQUdFDQorICoNCisgKglU aGlzIGVuc3VyZXMgL3ZlcnkvbG9uZy9zdHVwaWQvbmZzL3BhdGgvd2Uvb2Z0 ZW4vZ2V0L2Zvb2JhcmNtZA0KKyAqCWNvbWVzIG91dCBhdCBsZWFzdCBhcy4g IA0KKyAqDQorICoJZm9vYmFyY21kOiBzb21lZXJyb3INCisgKg0KKyAqCUV2 ZW4gaWYgd2UgZml4IHZzcHJpbnRmIHRvIGJlIHZzbnByaW50ZiAod2hpY2gg d2Ugc2hvdWxkKSwgdGhpcw0KKyAqCW91Z2h0IHRvIGJlIGtlcHQgdG8gaGVs cCBtYWtlIHJlYWwgc2l6ZSBsaW1pdGVkIGVycm9ycyBjbGVhcmVyLg0KKyAq Lw0KKyANCitzdGF0aWMgY2hhciAqYXJndl9yZW1hcChjaGFyICpwdHIpDQor ew0KKwljaGFyICp0bXA7DQorCWlmKHN0cmxlbihwdHIpPDI1NikNCisJCXJl dHVybiBwdHI7DQorCWlmKCEqcHRyKQ0KKwkJcmV0dXJuIHB0cjsNCisJdG1w PXB0citzdHJsZW4ocHRyKS0xOw0KKwkvKg0KKwkgKglXYWxrIGJhY2sgZG93 biB0aGUgY2hhaW4gdW50aWwgd2UgZmluZCBhIHNsYXNoDQorCSAqLw0KKwl3 aGlsZSh0bXA+PXB0ciAmJiAqdG1wIT0nLycpDQorCQl0bXAtLTsNCisJLyoN CisJICoJTm8gc2xhc2gsIG9yIHRvbyBsb25nIGFmdGVyIHNsYXNoIGFuZCBJ bSBub3QgcGxheWluZyBzbyBueWFoDQorCSAqLw0KKwlpZigqdG1wIT0nLycp DQorCQlyZXR1cm4gRUxGX0xEU09fSU1BR0U7DQorCWlmKHN0cmxlbih0bXAp PjI1NikJLyogTm90IG9mZiBieSAxIC4uIHN0cmxlbiBpbmNsdWRlcyB0aGUg LyAqLw0KKwkJcmV0dXJuIEVMRl9MRFNPX0lNQUdFOw0KKwlyZXR1cm4gdG1w KzE7DQorfQ0KKy8qDQogICogVGhpcyBzdHViIGZ1bmN0aW9uIGlzIHVzZWQg Ynkgc29tZSBkZWJ1Z2dlcnMuICBUaGUgaWRlYSBpcyB0aGF0IHRoZXkNCiAg KiBjYW4gc2V0IGFuIGludGVybmFsIGJyZWFrcG9pbnQgb24gaXQsIHNvIHRo YXQgd2UgYXJlIG5vdGlmaWVkIHdoZW4gdGhlDQogICogYWRkcmVzcyBtYXBw aW5nIGlzIGNoYW5nZWQgaW4gc29tZSB3YXkuDQpAQCAtNTA3LDcgKzU0OCw3 IEBADQogICB9DQogDQogICBpZiAoYXJndlswXSkNCi0gICAgX2RsX3Byb2du YW1lID0gYXJndlswXTsNCisgICAgX2RsX3Byb2duYW1lID0gYXJndl9yZW1h cChhcmd2WzBdKTsNCiANCiAgIC8qIE5vdyB3ZSBuZWVkIHRvIGZpZ3VyZSBv dXQgd2hhdCBraW5kIG9mIG9wdGlvbnMgYXJlIHNlbGVjdGVkLg0KICAgIE5v dGUgdGhhdCBmb3IgU1VJRCBwcm9ncmFtcyB3ZSBpZ25vcmUgdGhlIHNldHRp bmdzIGluIExEX0xJQlJBUllfUEFUSCAqLw0KT25seSBpbiBsZC5zby0xLjku Mi1maXhlZC9kLWxpbms6IGJvb3QxLmMub3JpZw0KT25seSBpbiBsZC5zby0x LjkuMi9kLWxpbms6IGxkLWxpbnV4LnNvDQpPbmx5IGluIGxkLnNvLTEuOS4y L2QtbGluay9saWJkbDogbGliZGwuc28NCmRpZmYgLXJ1IGxkLnNvLTEuOS4y L2QtbGluay92c3ByaW50Zi5jIGxkLnNvLTEuOS4yLWZpeGVkL2QtbGluay92 c3ByaW50Zi5jDQotLS0gbGQuc28tMS45LjIvZC1saW5rL3ZzcHJpbnRmLmMJ V2VkIE9jdCAgOSAxMjoxNzoyMSAxOTk2DQorKysgbGQuc28tMS45LjItZml4 ZWQvZC1saW5rL3ZzcHJpbnRmLmMJTW9uIEp1bCAyMSAwMToxNjozNSAxOTk3 DQpAQCAtMTI3LDExICsxMjcsMTMgQEANCiAJaW50IHF1YWxpZmllcjsJCS8q ICdoJywgJ2wnLCBvciAnTCcgZm9yIGludGVnZXIgZmllbGRzICovDQogDQog CWNoYXIgYnVmWzEwMjRdOw0KKwljaGFyICplbmRidWY7DQogCXZhX2xpc3Qo YXJncyk7DQogDQogCXZhX3N0YXJ0KGFyZ3MsIGZtdCk7DQorCWVuZGJ1Zj1i dWYrMTAyMzsNCiANCi0JZm9yIChzdHI9YnVmIDsgKmZtdCA7ICsrZm10KSB7 DQorCSBmb3IgKHN0cj1idWYgOyAqZm10ICYmIHN0ciA8IGVuZGJ1ZiA7ICsr Zm10KSB7DQogCQlpZiAoKmZtdCAhPSAnJScpIHsNCiAJCQkqc3RyKysgPSAq Zm10Ow0KIAkJCWNvbnRpbnVlOw0KQEAgLTE5MSwxMCArMTkzLDExIEBADQog CQlzd2l0Y2ggKCpmbXQpIHsNCiAJCWNhc2UgJ2MnOg0KIAkJCWlmICghKGZs YWdzICYgTEVGVCkpDQotCQkJCXdoaWxlICgtLWZpZWxkX3dpZHRoID4gMCkN CisJCQkJd2hpbGUgKC0tZmllbGRfd2lkdGggPiAwICYmIHN0ciA8IGVuZGJ1 ZikNCiAJCQkJCSpzdHIrKyA9ICcgJzsNCi0JCQkqc3RyKysgPSAodW5zaWdu ZWQgY2hhcikgdmFfYXJnKGFyZ3MsIGludCk7DQotCQkJd2hpbGUgKC0tZmll bGRfd2lkdGggPiAwKQ0KKwkJCWlmIChzdHIgPCBlbmRidWYpDQorCQkJICAq c3RyKysgPSAodW5zaWduZWQgY2hhcikgdmFfYXJnKGFyZ3MsIGludCk7DQor CQkJd2hpbGUgKC0tZmllbGRfd2lkdGggPiAwICYmIHN0ciA8IGVuZGJ1ZikN CiAJCQkJKnN0cisrID0gJyAnOw0KIAkJCWNvbnRpbnVlOw0KIA0KQEAgLTIw NiwxMSArMjA5LDExIEBADQogCQkJbGVuID0gX2RsX3N0cmxlbihzKTsNCiAN CiAJCQlpZiAoIShmbGFncyAmIExFRlQpKQ0KLQkJCQl3aGlsZSAobGVuIDwg ZmllbGRfd2lkdGgtLSkNCisJCQkJd2hpbGUgKGxlbiA8IGZpZWxkX3dpZHRo LS0gJiYgc3RyIDwgZW5kYnVmKQ0KIAkJCQkJKnN0cisrID0gJyAnOw0KLQkJ CWZvciAoaSA9IDA7IGkgPCBsZW47ICsraSkNCisJCQlmb3IgKGkgPSAwOyBp IDwgbGVuICYmIHN0ciA8IGVuZGJ1ZjsgKytpKQ0KIAkJCQkqc3RyKysgPSAq cysrOw0KLQkJCXdoaWxlIChsZW4gPCBmaWVsZF93aWR0aC0tKQ0KKwkJCXdo aWxlIChsZW4gPCBmaWVsZF93aWR0aC0tICYmIHN0ciA8IGVuZGJ1ZikNCiAJ CQkJKnN0cisrID0gJyAnOw0KIAkJCWNvbnRpbnVlOw0KIA0KQEAgLTIxOSw5 ICsyMjIsMTIgQEANCiAJCQkJZmllbGRfd2lkdGggPSAyKnNpemVvZih2b2lk ICopOw0KIAkJCQlmbGFncyB8PSBaRVJPUEFEOw0KIAkJCX0NCi0JCQlzdHIg PSBudW1iZXIoc3RyLA0KLQkJCQkodW5zaWduZWQgbG9uZykgdmFfYXJnKGFy Z3MsIHZvaWQgKiksIDE2LA0KLQkJCQlmaWVsZF93aWR0aCwgcHJlY2lzaW9u LCBmbGFncyk7DQorDQorCQkJaWYgKGZpZWxkX3dpZHRoIDw9IGVuZGJ1Zi1z dHIpew0KKwkJCSAgICAgICAgICAgc3RyID0gbnVtYmVyKHN0ciwNCisJCQkJ ICAgICAodW5zaWduZWQgbG9uZykgdmFfYXJnKGFyZ3MsIHZvaWQgKiksIDE2 LA0KKwkJCQkgICAgIGZpZWxkX3dpZHRoLCBwcmVjaXNpb24sIGZsYWdzKTsN CisJCQl9DQogCQkJY29udGludWU7DQogDQogDQpAQCAtMjU0LDkgKzI2MCw5 IEBADQogDQogCQlkZWZhdWx0Og0KIAkJCWlmICgqZm10ICE9ICclJykNCi0J CQkJKnN0cisrID0gJyUnOw0KKwkJCQlpZiAoc3RyIDwgZW5kYnVmKSAqc3Ry KysgPSAnJSc7DQogCQkJaWYgKCpmbXQpDQotCQkJCSpzdHIrKyA9ICpmbXQ7 DQorCQkJCWlmIChzdHIgPCBlbmRidWYpICpzdHIrKyA9ICpmbXQ7DQogCQkJ ZWxzZQ0KIAkJCQktLWZtdDsNCiAJCQljb250aW51ZTsNCkBAIC0yNzIsNyAr Mjc4LDE3IEBADQogCQkJbnVtID0gdmFfYXJnKGFyZ3MsIGludCk7DQogCQll bHNlDQogCQkJbnVtID0gdmFfYXJnKGFyZ3MsIHVuc2lnbmVkIGludCk7DQot CQlzdHIgPSBudW1iZXIoc3RyLCBudW0sIGJhc2UsIGZpZWxkX3dpZHRoLCBw cmVjaXNpb24sIGZsYWdzKTsNCisJCWlmIChmaWVsZF93aWR0aCAhPSAtMSkg ew0KKyAgICAgICAgICAgICAgICAgICAgICAgIGlmIChmaWVsZF93aWR0aCA8 PSBlbmRidWYtc3RyKSB7IA0KKwkJCSAgICAgc3RyID0gbnVtYmVyKHN0ciwg bnVtLCBiYXNlLA0KKwkJCQkJICBmaWVsZF93aWR0aCwgcHJlY2lzaW9uLCBm bGFncyk7DQorCQkJfQ0KKwkJfWVsc2V7DQorICAgICAgICAgICAgICAgICAg ICAgICAgaWYgKDEwMCA8PSBlbmRidWYtc3RyKSB7IA0KKwkJCSAgICAgc3Ry ID0gbnVtYmVyKHN0ciwgbnVtLCBiYXNlLA0KKwkJCQkJICBmaWVsZF93aWR0 aCwgcHJlY2lzaW9uLCBmbGFncyk7DQorCQkJfQ0KKwkJfQ0KIAl9DQogCSpz dHIgPSAnXDAnOw0KIAlfZGxfd3JpdGUoZmQsIGJ1Ziwgc3RyLWJ1Zik7DQpk aWZmIC1ydSBsZC5zby0xLjkuMi9sZC1zby9mZHByaW50Zi5jIGxkLnNvLTEu OS4yLWZpeGVkL2xkLXNvL2ZkcHJpbnRmLmMNCi0tLSBsZC5zby0xLjkuMi9s ZC1zby9mZHByaW50Zi5jCVNhdCBNYXkgMjUgMjI6MDc6MjEgMTk5Ng0KKysr IGxkLnNvLTEuOS4yLWZpeGVkL2xkLXNvL2ZkcHJpbnRmLmMJTW9uIEp1bCAy MSAwMTowMTo0NSAxOTk3DQpAQCAtOSw3ICs5LDcgQEANCiAjaW5jbHVkZSA8 c3RkYXJnLmg+DQogI2luY2x1ZGUgPHVuaXN0ZC5oPg0KIA0KLWV4dGVybiBp bnQgdnNwcmludGYoY2hhciAqIGJ1ZiwgY29uc3QgY2hhciAqIGZtdCwgdmFf bGlzdCBhcmdzKTsNCitleHRlcm4gaW50IHZzbnByaW50ZihjaGFyICogYnVm LCBzaXplX3Qgc2l6ZSwgY29uc3QgY2hhciAqIGZtdCwgdmFfbGlzdCBhcmdz KTsNCiANCiBpbnQgZmRwcmludGYoaW50IGZkLCBjb25zdCBjaGFyICpmbXQs IC4uLikNCiB7DQpAQCAtMTgsNyArMTgsNyBAQA0KIAljaGFyIGJ1ZlsxMDI0 XTsNCiANCiAJdmFfc3RhcnQoYXJncywgZm10KTsNCi0JaT12c3ByaW50Zihi dWYsZm10LGFyZ3MpOw0KKwlpPXZzbnByaW50ZihidWYsMTAyNCwgZm10LGFy Z3MpOw0KIAl2YV9lbmQoYXJncyk7DQogCXdyaXRlKGZkLCBidWYsIGkpOw0K IA0KZGlmZiAtcnUgbGQuc28tMS45LjIvbGQtc28vbGQuc28uYyBsZC5zby0x LjkuMi1maXhlZC9sZC1zby9sZC5zby5jDQotLS0gbGQuc28tMS45LjIvbGQt c28vbGQuc28uYwlNb24gSmFuICA2IDIwOjUxOjA2IDE5OTcNCisrKyBsZC5z by0xLjkuMi1maXhlZC9sZC1zby9sZC5zby5jCVN1biBKdWwgMjAgMjM6Mjk6 MzUgMTk5Nw0KQEAgLTE0OSw2ICsxNDksNDYgQEANCiB9DQogI2VuZGlmDQog DQorLyoNCisgKglTdG9wIGFyZ3YwIG92ZXJmbG93aW5nIHZzcHJpbnRmLCBi dXQgYWxzbyB0cnkgdG8gc3RvcCBmYWxzZSBwb3NpdGl2ZXMNCisgKglXZSBv YmV5IHRoZSBmb2xsb3dpbmcgcnVsZQ0KKyAqDQorICoJSWYgbmFtZXNpemUg PCAyNTYgIGtlZXANCisgKglJZiBuYW1lIGZyb20gbGFzdCAvIDwgMjU2IHVz ZSB0aGF0DQorICoJZWxzZSB1c2UgTERTT19OQU1FDQorICoNCisgKglUaGlz IGVuc3VyZXMgL3ZlcnkvbG9uZy9zdHVwaWQvbmZzL3BhdGgvd2Uvb2Z0ZW4v Z2V0L2Zvb2JhcmNtZA0KKyAqCWNvbWVzIG91dCBhdCBsZWFzdCBhcy4gIA0K KyAqDQorICoJZm9vYmFyY21kOiBzb21lZXJyb3INCisgKg0KKyAqCUV2ZW4g aWYgd2UgZml4IHZzcHJpbnRmIHRvIGJlIHZzbnByaW50ZiAod2hpY2ggd2Ug c2hvdWxkKSwgdGhpcw0KKyAqCW91Z2h0IHRvIGJlIGtlcHQgdG8gaGVscCBt YWtlIHJlYWwgc2l6ZSBsaW1pdGVkIGVycm9ycyBjbGVhcmVyLg0KKyAqLw0K KyANCitzdGF0aWMgY2hhciAqYXJndl9yZW1hcChjaGFyICpwdHIpDQorew0K KwljaGFyICp0bXA7DQorCWlmKHN0cmxlbihwdHIpPDI1NikNCisJCXJldHVy biBwdHI7DQorCWlmKCEqcHRyKQ0KKwkJcmV0dXJuIHB0cjsNCisJdG1wPXB0 citzdHJsZW4ocHRyKS0xOw0KKwkvKg0KKwkgKglXYWxrIGJhY2sgZG93biB0 aGUgY2hhaW4gdW50aWwgd2UgZmluZCBhIHNsYXNoDQorCSAqLw0KKwl3aGls ZSh0bXA+PXB0ciAmJiAqdG1wIT0nLycpDQorCQl0bXAtLTsNCisJLyoNCisJ ICoJTm8gc2xhc2gsIG9yIHRvbyBsb25nIGFmdGVyIHNsYXNoIGFuZCBJbSBu b3QgcGxheWluZyBzbyBueWFoDQorCSAqLw0KKwlpZigqdG1wIT0nLycpDQor CQlyZXR1cm4gTERTT19JTUFHRTsNCisJaWYoc3RybGVuKHRtcCk+MjU2KQkv KiBOb3Qgb2ZmIGJ5IDEgLi4gc3RybGVuIGluY2x1ZGVzIHRoZSAvICovDQor CQlyZXR1cm4gTERTT19JTUFHRTsNCisJcmV0dXJuIHRtcCsxOw0KK30NCisN CiB2b2lkDQogc2hhcmVkX2xvYWRlcihpbnQgZnVuYywgLi4uKQ0KIHsNCkBA IC0yMDUsMTIgKzI0NSwxNCBAQA0KIAlzYXZlX21hcGluZm8obWFwaW5mbyk7 DQogI2VuZGlmDQogCWFyZ3YwID0gdmFfYXJnKGFwLCBjaGFyICopOw0KKwlh cmd2MCA9IGFyZ3ZfcmVtYXAoYXJndjApOw0KIAlfX2Vudmlyb24gPSB2YV9h cmcoYXAsIGNoYXIgKiopOw0KIAlfX1NIQVJFRF9MSUJSQVJJRVNfXyA9IHZh X2FyZyhhcCwgc3RydWN0IGxpYmVudHJ5ICoqKTsNCiAJX1NIQVJBQkxFX0NP TkZMSUNUU19fID0gdmFfYXJnKGFwLCBzdHJ1Y3QgZml4dXBsaXN0ICopOw0K IAlpZiAoZnVuYyA9PSBGVU5DX0xJTktfQU5EX0NBTExCQUNLKQ0KIAkgIGNh bGxiYWNrID0gdmFfYXJnKGFwLCBjYWxsYmFja3B0cik7DQogCXZhX2VuZChh cCk7DQorCQ0KIAlicmVhazsNCiAgICAgZGVmYXVsdDoNCiAJLyogeW91IHdh bnQgbWUgdG8gZG8gd2hhdD8gKi8NCkBAIC0yMjYsNyArMjY4LDggQEANCiAg ICAgLyogZmluZCBvdXQgd2hvIHdlIGFyZSwgaW4gY2FzZSBzb21lYm9keSB3 YW50cyB0byBrbm93ICovDQogICAgIGlmICghYXJndjAgJiYgIShhcmd2MCA9 IGdldGVudihMRERfQVJHVjApKSkNCiAJYXJndjAgPSBMRFNPX0lNQUdFOw0K LQ0KKyAgICBhcmd2MD1hcmd2X3JlbWFwKGFyZ3YwKTsNCisgICAgDQogICAg IC8qIGhtbSwgeW91IHdhbnQgeW91ciBvd24gY29uZmlndXJhdGlvbiwgZG8g eW91PyAqLw0KICAgICBpZiAoZ2V0dWlkKCkgPT0gZ2V0ZXVpZCgpICYmIGdl dGdpZCgpID09IGdldGVnaWQoKSkNCiAgICAgew0KQEAgLTMyMiw2ICszNjUs MTEgQEANCiAJCS50ZXh0IHNlY3Rpb24uIFRoaXMgaXMgcGFzc2VkIHRvIGxk cHJlbG9hZCgpIGJlbG93ICovDQogCSAgICBpZiAocHJlbG9hZCB8fCBjYWxs YmFjaykNCiAJICAgIHsNCisJICAgIAlpZihubGlicz09MTApDQorCSAgICAJ ew0KKwkgICAgCQlmZHByaW50ZigyLCAiJXM6IHRvbyBtYW55IHByZWxvYWRz XG4iLGFyZ3YwKTsNCisJICAgIAkJZXhpdChFWElUX0ZBVEFMKTsNCisJICAg IAl9DQogCSAgICAgICAgbGlic1tubGlic10gPSBhbGxvY2Eoc3RybGVuKGJ1 ZmZlcikrMSk7DQogCSAgICAgICAgc3RyY3B5KGxpYnNbbmxpYnNdLCBidWZm ZXIpOw0KIAkgICAgICAgIG5saWJzKys7DQpPbmx5IGluIGxkLnNvLTEuOS4y LWZpeGVkL2xkLXNvOiBsZC5zby5jLm9yaWcNCmRpZmYgLXJ1IGxkLnNvLTEu OS4yL2xkLXNvL3N0cmVycm9yLmMgbGQuc28tMS45LjItZml4ZWQvbGQtc28v c3RyZXJyb3IuYw0KLS0tIGxkLnNvLTEuOS4yL2xkLXNvL3N0cmVycm9yLmMJ U2F0IE1heSAyNSAxMzozMDozMyAxOTk2DQorKysgbGQuc28tMS45LjItZml4 ZWQvbGQtc28vc3RyZXJyb3IuYwlNb24gSnVsIDIxIDAxOjA0OjUyIDE5OTcN CkBAIC00MSwxMiArNDEsMTIgQEANCiANCiAgIGlmIChlcnJudW0gPCAwIHx8 IGVycm51bSA+PSBfc3lzX25lcnIpDQogICAgIHsNCi0gICAgICBzdGF0aWMg Y2hhciB1bmtub3duX2Vycm9yW10gPSAiVW5rbm93biBlcnJvciAwMDAwMDAw MDAwMDAwMDAwMDAwMDAiOw0KKyAgICAgIHN0YXRpYyBjaGFyIHVua25vd25f ZXJyb3JbMzZdID0gIlVua25vd24gZXJyb3IgMDAwMDAwMDAwMDAwMDAwMDAw MDAwIjsNCiAgICAgICBzdGF0aWMgY2hhciBmbXRbXSA9ICJVbmtub3duIGVy cm9yICVkIjsNCiAjaWZkZWYgX19saW51eF9fDQotICAgICAgc3ByaW50Zih1 bmtub3duX2Vycm9yLCBmbXQsIGVycm51bSk7DQorICAgICAgc25wcmludGYo dW5rbm93bl9lcnJvciwgMzYsIGZtdCwgZXJybnVtKTsNCiAjZWxzZQ0KLSAg ICAgIHNpemVfdCBsZW4gPSBzcHJpbnRmKHVua25vd25fZXJyb3IsIGZtdCwg ZXJybnVtKTsNCisgICAgICBzaXplX3QgbGVuID0gc25wcmludGYodW5rbm93 bl9lcnJvciwgMzYsIGZtdCwgZXJybnVtKTsNCiAgICAgICBpZiAobGVuIDwg c2l6ZW9mKGZtdCkgLSAyKQ0KIAlyZXR1cm4gTlVMTDsNCiAgICAgICB1bmtu b3duX2Vycm9yW2xlbl0gPSAnXDAnOw0KZGlmZiAtcnUgbGQuc28tMS45LjIv bGQtc28vdnNwcmludGYuYyBsZC5zby0xLjkuMi1maXhlZC9sZC1zby92c3By aW50Zi5jDQotLS0gbGQuc28tMS45LjIvbGQtc28vdnNwcmludGYuYwlTYXQg TWF5IDI1IDIyOjA3OjE4IDE5OTYNCisrKyBsZC5zby0xLjkuMi1maXhlZC9s ZC1zby92c3ByaW50Zi5jCU1vbiBKdWwgMjEgMDE6MTE6MjAgMTk5Nw0KQEAg LTEwNCwxMyArMTA0LDE0IEBADQogCXJldHVybiBzdHI7DQogfQ0KIA0KLWlu dCB2c3ByaW50ZihjaGFyICpidWYsIGNvbnN0IGNoYXIgKmZtdCwgdmFfbGlz dCBhcmdzKQ0KK2ludCB2c25wcmludGYoY2hhciAqYnVmLCBzaXplX3QgbWF4 c2l6ZSwgY29uc3QgY2hhciAqZm10LCB2YV9saXN0IGFyZ3MpDQogew0KIAlp bnQgbGVuOw0KIAl1bnNpZ25lZCBsb25nIG51bTsNCiAJaW50IGksIGJhc2U7 DQogCWNoYXIgKiBzdHI7DQogCWNvbnN0IGNoYXIgKnM7DQorCWNoYXIgKmVu ZGJ1ZjsNCiANCiAJaW50IGZsYWdzOwkJLyogZmxhZ3MgdG8gbnVtYmVyKCkg Ki8NCiANCkBAIC0xMTksNyArMTIwLDEwIEBADQogCQkJCSAgIG51bWJlciBv ZiBjaGFycyBmb3IgZnJvbSBzdHJpbmcgKi8NCiAJaW50IHF1YWxpZmllcjsJ CS8qICdoJywgJ2wnLCBvciAnTCcgZm9yIGludGVnZXIgZmllbGRzICovDQog DQotCWZvciAoc3RyPWJ1ZiA7ICpmbXQgOyArK2ZtdCkgew0KKwlpZiAobWF4 c2l6ZSA9PSAwKSByZXR1cm4gMDsNCisJZW5kYnVmID0gYnVmICsgbWF4c2l6 ZSAtIDE7DQorDQorICAgICAgICBmb3IgKHN0cj1idWYgOyAqZm10ICYmIHN0 ciA8IGVuZGJ1ZiA7ICsrZm10KSB7DQogCQlpZiAoKmZtdCAhPSAnJScpIHsN CiAJCQkqc3RyKysgPSAqZm10Ow0KIAkJCWNvbnRpbnVlOw0KQEAgLTE3OSwx MCArMTgzLDExIEBADQogCQlzd2l0Y2ggKCpmbXQpIHsNCiAJCWNhc2UgJ2Mn Og0KIAkJCWlmICghKGZsYWdzICYgTEVGVCkpDQotCQkJCXdoaWxlICgtLWZp ZWxkX3dpZHRoID4gMCkNCisJCQkJd2hpbGUgKC0tZmllbGRfd2lkdGggPiAw ICYmIHN0ciA8IGVuZGJ1ZikNCiAJCQkJCSpzdHIrKyA9ICcgJzsNCi0JCQkq c3RyKysgPSAodW5zaWduZWQgY2hhcikgdmFfYXJnKGFyZ3MsIGludCk7DQot CQkJd2hpbGUgKC0tZmllbGRfd2lkdGggPiAwKQ0KKwkJCWlmIChzdHIgPCBl bmRidWYpDQorCQkJCSpzdHIrKyA9ICh1bnNpZ25lZCBjaGFyKSB2YV9hcmco YXJncywgaW50KTsNCisJCQl3aGlsZSAoLS1maWVsZF93aWR0aCA+IDAgJiYg c3RyIDwgZW5kYnVmKQ0KIAkJCQkqc3RyKysgPSAnICc7DQogCQkJY29udGlu dWU7DQogDQpAQCAtMTk0LDExICsxOTksMTEgQEANCiAJCQlsZW4gPSBzdHJs ZW4ocyk7DQogDQogCQkJaWYgKCEoZmxhZ3MgJiBMRUZUKSkNCi0JCQkJd2hp bGUgKGxlbiA8IGZpZWxkX3dpZHRoLS0pDQorCQkJCXdoaWxlIChsZW4gPCBm aWVsZF93aWR0aC0tICYmIHN0ciA8IGVuZGJ1ZikNCiAJCQkJCSpzdHIrKyA9 ICcgJzsNCi0JCQlmb3IgKGkgPSAwOyBpIDwgbGVuOyArK2kpDQorCQkJZm9y IChpID0gMDsgaSA8IGxlbiAmJiBzdHIgPCBlbmRidWY7ICsraSkNCiAJCQkJ KnN0cisrID0gKnMrKzsNCi0JCQl3aGlsZSAobGVuIDwgZmllbGRfd2lkdGgt LSkNCisJCQl3aGlsZSAobGVuIDwgZmllbGRfd2lkdGgtLSAmJiBzdHIgPCBl bmRidWYpDQogCQkJCSpzdHIrKyA9ICcgJzsNCiAJCQljb250aW51ZTsNCiAN CkBAIC0yMDcsOSArMjEyLDEyIEBADQogCQkJCWZpZWxkX3dpZHRoID0gMipz aXplb2Yodm9pZCAqKTsNCiAJCQkJZmxhZ3MgfD0gWkVST1BBRDsNCiAJCQl9 DQotCQkJc3RyID0gbnVtYmVyKHN0ciwNCi0JCQkJKHVuc2lnbmVkIGxvbmcp IHZhX2FyZyhhcmdzLCB2b2lkICopLCAxNiwNCi0JCQkJZmllbGRfd2lkdGgs IHByZWNpc2lvbiwgZmxhZ3MpOw0KKw0KKwkJCWlmIChmaWVsZF93aWR0aCA8 PSBlbmRidWYtc3RyKXsNCisJCQkJc3RyID0gbnVtYmVyKHN0ciwNCisJCQkJ ICAodW5zaWduZWQgbG9uZykgdmFfYXJnKGFyZ3MsIHZvaWQgKiksIDE2LA0K KwkJCQkgIGZpZWxkX3dpZHRoLCBwcmVjaXNpb24sIGZsYWdzKTsNCisJCQl9 DQogCQkJY29udGludWU7DQogDQogDQpAQCAtMjQyLDkgKzI1MCw5IEBADQog DQogCQlkZWZhdWx0Og0KIAkJCWlmICgqZm10ICE9ICclJykNCi0JCQkJKnN0 cisrID0gJyUnOw0KKwkJCQlpZiAoc3RyIDwgZW5kYnVmKSAqc3RyKysgPSAn JSc7DQogCQkJaWYgKCpmbXQpDQotCQkJCSpzdHIrKyA9ICpmbXQ7DQorCQkJ CWlmIChzdHIgPCBlbmRidWYpICpzdHIrKyA9ICpmbXQ7DQogCQkJZWxzZQ0K IAkJCQktLWZtdDsNCiAJCQljb250aW51ZTsNCkBAIC0yNjAsMTkgKzI2OCwy OSBAQA0KIAkJCW51bSA9IHZhX2FyZyhhcmdzLCBpbnQpOw0KIAkJZWxzZQ0K IAkJCW51bSA9IHZhX2FyZyhhcmdzLCB1bnNpZ25lZCBpbnQpOw0KLQkJc3Ry ID0gbnVtYmVyKHN0ciwgbnVtLCBiYXNlLCBmaWVsZF93aWR0aCwgcHJlY2lz aW9uLCBmbGFncyk7DQorCQlpZiAoZmllbGRfd2lkdGggIT0gLTEpIHsNCisJ CQlpZiAoZmllbGRfd2lkdGggPD0gZW5kYnVmLXN0cikgeyANCisJCQkgICAg c3RyID0gbnVtYmVyKHN0ciwgbnVtLCBiYXNlLA0KKwkJCQkJIGZpZWxkX3dp ZHRoLCBwcmVjaXNpb24sIGZsYWdzKTsNCisJCQl9DQorCQl9ZWxzZXsNCisJ CQlpZiAoMTAwIDw9IGVuZGJ1Zi1zdHIpIHsgDQorCQkJICAgIHN0ciA9IG51 bWJlcihzdHIsIG51bSwgYmFzZSwNCisJCQkJCSBmaWVsZF93aWR0aCwgcHJl Y2lzaW9uLCBmbGFncyk7DQorCQkJfQ0KKwkJfQ0KIAl9DQogCSpzdHIgPSAn XDAnOw0KIAlyZXR1cm4gc3RyLWJ1ZjsNCiB9DQogDQotaW50IHNwcmludGYo Y2hhciAqIGJ1ZiwgY29uc3QgY2hhciAqZm10LCAuLi4pDQoraW50IHNucHJp bnRmKGNoYXIgKiBidWYsIHNpemVfdCBzaXplLCBjb25zdCBjaGFyICpmbXQs IC4uLikNCiB7DQogCXZhX2xpc3QgYXJnczsNCiAJaW50IGk7DQogDQogCXZh X3N0YXJ0KGFyZ3MsIGZtdCk7DQotCWk9dnNwcmludGYoYnVmLGZtdCxhcmdz KTsNCisJaT12c25wcmludGYoYnVmLHNpemUsZm10LGFyZ3MpOw0KIAl2YV9l bmQoYXJncyk7DQogCXJldHVybiBpOw0KIH0NCk9ubHkgaW4gbGQuc28tMS45 LjIvbWFuOiBsZC5zby5pbmZvDQpPbmx5IGluIGxkLnNvLTEuOS4yL3Rlc3Q6 IGV0ZXN0Zg0KT25seSBpbiBsZC5zby0xLjkuMi90ZXN0OiBldGVzdGkNCk9u bHkgaW4gbGQuc28tMS45LjIvdXRpbDogZWxmLW9rDQpPbmx5IGluIGxkLnNv LTEuOS4yL3V0aWw6IGxkY29uZmlnDQpPbmx5IGluIGxkLnNvLTEuOS4yL3V0 aWw6IGxkZA0KT25seSBpbiBsZC5zby0xLjkuMi91dGlsOiBsZGRzdHViDQo--567214411-2105302250-869475708=:3243--