by ddalex_ro 4779 days ago
I mean, the fix consists in making sure that attr.config has all the 64 bits cleared - on the 64-bit machines, int is 64-bit, so u64 == int, and all the bits are correctly handled. On 32-bit machines, int is 32-bit, and the top 32 bits of attr.config are not cleared.

I may be wrong though, as I didn't scan through all the affected code.

5 comments

It's not that hard to port it to 32 bits, just hang on a week or two. I'm just too lazy.

IGjDf1e4eQxWyBFArYM8HgvCuns6p+GbfHoE3SPxYV59kXnA12BWdMr6D5eAAFgtBSX+/Yi+vLxMmEiszkwHLCA=

Hahaha. Love that you signed your message with your 'jewgold' address. Nice 0day.
Me too. I love latent antisemitism.
The goto and labels stick out like coal in a pile of gold.
Duly noted. Will attempt to obfuscate using longjmp next time.
No, int is the same size on 32-bit and 64-bit Linux:
  sizeof(int) == 4
  sizeof(long) == 4 (32-bit), 8 (64-bit)
  sizeof(long long) == 8
I learn something every day, thank you!
I just ran the exploit on a 64bit machine and it worked as expected, I got root privileges.
I just tried it on a 64bit machine and it works.