
	Where results make sense

Topic: Signedness

In the News (Thu 16 Feb 12)

EXECUTIVE POWER

Iran

ANALYSIS

Pakistan

Family compact

	Signedness - Wikipedia, the free encyclopedia
		Wikimedia needs your help in the final days of its fund drive.
		Signedness is a property of an integer number used by a compiler to indicate if variables of a numeric type are capable of storing both positive and negative numbers, or just positive.
		When performing arithmetic using a mixture of "signed" and "unsigned" variables, one might see an error such as: "pointer targets in assignment differ in signedness".
	en.wikipedia.org /wiki/Signedness (95 words)

	[No title] (Site not responding. Last check: 2007-10-21)
		TITLE: signedness of char (Newsgroups: comp.std.c++, 8 Jan 97) MIKAEL: d96-mst@nada.kth.se (Mikael Ståldal) >The signess of plain char is not defined in the standard.
		The reason was that extending a char to an int ought to be an efficient operation, and computers varied (and still vary) in whether unsigned or signed extension was more efficient.
		If that principle had been adopted in C (as it was in Pascal 8 years before K&R1), we would not need to have these interminable discussions about behavior and implementation of type char.
	cpptips.hyperformix.com /cpptips/signed_char (275 words)

	[No title] (Site not responding. Last check: 2007-10-21)
		This can cause some confusion, as will be explained in the section on signedness bugs, because not all variables are signed, meaning they do not all use the MSB to determine whether they are positive or negative.
		When it is incremented, the most significant bit (indicating signedness) is set and the integer is interpreted as being negative.
		By passing a negative value for len, it is possible to pass the check at [1], but then in the call to memcpy at [2], len will be interpeted as a huge unsigned value, causing memory to be overwritten well past the end of the buffer kbuf.
	www.phrack.org /phrack/60/p60-0x0a.txt (2681 words)

	[Groff] Re: signedness problems
		It is either like `unsigned char' by default or like `signed char' by default.
		Ideally, a portable program should always use `signed char' or `unsigned char' when it depends on the signedness of an object.
		But many programs have been written to use plain `char' and expect it to be signed, or expect it to be unsigned, depending on the machines they were written for.
	lists.gnu.org /archive/html/groff/2003-07/msg00041.html (308 words)

	DarkSun.WS :: View topic - Basic Integer Overflows (Site not responding. Last check: 2007-10-21)
		Signedness bugs occur when an unsigned variable is interpreted as signed,
		Signedness bugs can take a variety of forms, but some of the things to look
		Recently, several signedness bugs were brought to light in the freebsd
	www.darksun.ws /PHPBB2/archive/o_t__t_37__basic-integer-overflows.html (2900 words)

	SAS/C Note: Signedness matters for short and char type arguments of __ref functions
		SAS/C Note: Signedness matters for short and char type arguments of __ref functions
		Signedness matters for short and char type arguments of __ref functions
		When a short or char type is passed as an argument to an __ref function, the sign of the argument must match the sign used in the prototype.
	support.sas.com /techsup/unotes/C/0474.html (128 words)

	Overview: Integer Vector Classes
		The first generation of child classes are derived based solely on bit sizes of 128, 64, 32, 16, and 8 respectively for the I128vec1, I64vec1, 164vec2, I32vec2, I32vec4, I16vec4, I16vec8, I8vec16, and I8vec8 classes.
		The latter seven of the these classes require specification of signedness and saturation.
		The signedness is indicated by the s and u in the class names:
	www.ncsa.uiuc.edu /UserInfo/Resources/Hardware/XeonCluster/Doc/Intel_8.0.044/c_ug/comm1079.htm (123 words)

	Linux-Net Archive: Re: Signedness bug in sctp_setsockopt() (security vulnerability). (Site not responding. Last check: 2007-10-21)
		Linux-Net Archive: Re: Signedness bug in sctp_setsockopt() (security vulnerability).
		Previous message: Sridhar Samudrala: "Re: Signedness bug in sctp_setsockopt() (security vulnerability)."
		In reply to: Sridhar Samudrala: "Re: Signedness bug in sctp_setsockopt() (security vulnerability)."
	www.uwsg.indiana.edu /hypermail/linux/net/0405.1/0007.html (233 words)

	www.phrack.org (Site not responding. Last check: 2007-10-21)
		The addition at [1], used to check that the data does not exceed the bounds of the output buffer, can be abused by setting size1 and size2 to values that will cause the size variable to wrap around to a negative value.
		----[ 4.2 Signedness bugs Recently, several signedness bugs were brought to light in the freebsd kernel.
		These allowed large portions of kernel memory to be read by passing negative length paramters to various syscalls.
	www.phrack.org /show.php?p=60&a=10 (2810 words)

	Re: assumptions in char signedness: list of broken ports
		I think we can assume that not all of these problems are going to be fixed soon, and there are those false positives, so somebody keeping tabs looks desirable.
		Re: assumptions in char signedness: list of broken ports
		Prev by thread: Re: assumptions in char signedness: list of broken ports
	www.monkey.org /openbsd/archive/ports/0202/msg00221.html (181 words)

	SELinux Mailing List: by thread
		The attached patch fixes some char signedness issues.
		: Russell Coker: "portability patch for char signedness"
		: Russell Coker: "Re: portability patch for char signedness"
	www.nsa.gov /selinux/list-archive/0304/thread_body33.cfm (786 words)

	ISS X-Force Database: imap-clients-literalsize-bo(12289): IMAP multiple clients literal_size buffer overflow (Site not responding. Last check: 2007-10-21)
		CAN-2003-0297: c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
		CAN-2003-0298: The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
		CAN-2003-0300: The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
	xforce.iss.net /xforce/xfdb/12289 (618 words)

	[CS-FSLUG] Mac OS X Multiple Vulnerabilities
		The vulnerability has been reported in Mac OS X 10.3.4 as of 22nd June 2004 (Darwin kernel xnu-517.7.7).
		Reportedly, several older NetBSD vulnerabilities including a signedness error in the "semop()" system call still affect Mac OS X (see other references for more information).
		3) Signedness errors in the "parse_machfile()" function within the Mach-O loader can be exploited to crash the system via a specially crafted Mach-O header.
	www.ofb.biz /pipermail/christiansource_ofb.biz/2005-January/024523.html (255 words)

	Search Results
		Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CAN-2003-0140.
		The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
		The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors.
	cve.mitre.org /cgi-bin/cvekey.cgi?keyword=IMAP+buffer+overflows (1303 words)

	[No title] (Site not responding. Last check: 2007-10-21)
		Date: 11 Sep 2000 Mailing List: perl6-language@perl.org Number: 209 Version: 1 Status: Developing =head1 ABSTRACT Perl currently allows blocks of code to use integer math for both increased performance and integer semantics.
		This should be extended to allow programs to specify both the size and signedness of integers.
		In order to both save memory and allow more rapid processing, Perl should support the ability to specify both the size and signedness of numbers for a given block.
	dev.perl.org /perl6/rfc/209.pod (179 words)

	ISS X-Force Database: xfree86-glx-integer-dos(15273): XFree86 GLX integer signedness denial of service
		XFree86 is vulnerable to a denial of service attack, caused by integer signedness errors.
		By using the GLX extension and Direct Rendering Infrastructure, a local or remote attacker could cause the X Server to crash, and possibly gain root privileges on the system.
		CVE-2004-0094: Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
	xforce.iss.net /xforce/xfdb/15273 (401 words)

	Linux-Net Archive: Re: Signedness bug in sctp_setsockopt() (security vulnerability).
		Next message: Shaun Colley: "Re: Signedness bug in sctp_setsockopt() (security vulnerability)."
		In reply to: Shaun Colley: "Signedness bug in sctp_setsockopt() (security vulnerability)."
		Next in thread: Shaun Colley: "Re: Signedness bug in sctp_setsockopt() (security vulnerability)."
	www.uwsg.indiana.edu /hypermail/linux/net/0405.1/0006.html (763 words)

	FedoraForum.org - webcam, 'motion' software
		motion.c:700: warning: pointer targets in passing argument 1 of ‘draw_text’ diff er in signedness
		motion.c:708: warning: pointer targets in passing argument 1 of ‘draw_text’ diff er in signedness
		motion.c:710: warning: pointer targets in passing argument 1 of ‘draw_text’ diff er in signedness
	www.fedoraforum.org /forum/showthread.php?t=22174 (1160 words)

	Re: Bug#182154: wrong assumption on char signedness (Site not responding. Last check: 2007-10-21)
		Subject: Re: Bug#182154: wrong assumption on char signedness
		Prev by Date: Bug#182154: wrong assumption on char signedness
		Previous by thread: Bug#182154: wrong assumption on char signedness
	lists.debian.org /debian-qa/2003/02/msg00332.html (77 words)

	Search Results
		Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CAN-2004-1011.
		Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that are not properly handled when using the IMAP_Line_Read function.
		Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
	cve.mitre.org /cgi-bin/cvekey.cgi?keyword=imap (2327 words)

	DarkSun.WS :: View topic - Basic Integer Overflows (Site not responding. Last check: 2007-10-21)
		(indicating signedness) is set and the integer is interpreted as being
		----[ 3.2 Signedness bugs caused by integer overflows
		value, it may be possible to trigger a signedness bug as described above.
	www.darksun.ws /PHPBB2/viewtopic.php?t=37 (2946 words)

	[No title] (Site not responding. Last check: 2007-10-21)
		1) A signedness error in the "poolsize_strategy()" function of the random poolsize sysctl handler (drivers/char/random.c) can potentially be exploited to cause a buffer overflow when copying data from user space into kernel space.
		2) Two signedness errors in the "sg_scsi_ioctl()" function in "drivers/block/scsi_ioctl.c" can be exploited to cause a buffer overflow or disclose large portions of kernel memory when copying data to and from user space.
		Successful exploitation may disclose sensitive information, crash the system, or potentially allow execution of arbitrary code with escalated privileges.
	packetstormsecurity.nl /0501-advisories/sa13784.txt (302 words)

	HNS - DLINK 614+ DHCP Service Denial of Service Vulnerability (Site not responding. Last check: 2007-10-21)
		The DI614+ SOHO router (latest firmware rev 2.30) suffers a signedness bug in its DHCP implementation.
		This comparaison determines if a requested lease time is lesser or equal to the maximal lease time set by the administrator and thus if it can be granted as requested by the client or instead fixed to its maximal value.
		This signedness bug can be triggered by sending a negative integer, so starting from 0x80000000 up to 0xffffffff (-1) in the client's LEASETIME option.
	www.net-security.org /vuln.php?id=3537 (671 words)

	Defect report #2dd
		Some problems arise with use of an "other implementation-defined type", a new addition in C99.
		nevertheless have the same signedness as ordinary objects of type
		have the same signedness as bit-field types, although that might be unsigned and so differ from the signedness of
	www.open-std.org /jtc1/sc22/wg14/www/docs/n1103.htm (412 words)

	LKML: Ingo Molnar: Re: [PATCH][RFC] variable size and signedness issues in ldt.c - potential problem?
		Re: [PATCH][RFC] variable size and signedness issues in ldt.c - potential problem?
		The > signedness of the return type makes sense given that it't supposed to > return -1 on error.
		But on success, in the case where it calls read_ldt, > it's supposed to return the actual number of bytes read.
	lkml.org /lkml/2004/1/9/29 (380 words)

	The GNU C Library (Site not responding. Last check: 2007-10-21)
		Because the GNU C library header files are customized to a specific machine, your program source code doesn't have to be.
		If you require that an integer be represented in exactly N bits, use one of the following types, with the obvious mapping to bit size and signedness:
		If your C compiler and target machine do not allow integers of a certain size, the corresponding above type does not exist.
	www.owlnet.rice.edu /~efeiv/gnu/libc_401.html (411 words)

	Asterisk Mailing List: [Asterisk] [GerhardTonn@swol.de: Bug#16 (Site not responding. Last check: 2007-10-21)
		[Asterisk] [GerhardTonn@swol.de: Bug#160097: wrong assumption on char signedness]
		Next in thread: Mark Spencer: "Re: [Asterisk] [GerhardTonn@swol.de: Bug#160097: wrong assumption on char signedness]"
		Reply: Mark Spencer: "Re: [Asterisk] [GerhardTonn@swol.de: Bug#160097: wrong assumption on char signedness]"
	www.marko.net /asterisk/archives/0210/0096.html (260 words)

	Asterisk Mailing List: [Asterisk] Holy bad luck!!!!!! (Site not responding. Last check: 2007-10-21)
		Next message: Mark Spencer: "Re: [Asterisk] [GerhardTonn@swol.de: Bug#160097: wrong assumption on char signedness]"
		Previous message: Mark Purcell: "[Asterisk] [GerhardTonn@swol.de: Bug#160097: wrong assumption on char signedness]"
		I tried with all 3 phones, and since, all of three didn't register the "#"
	www.marko.net /asterisk/archives/0210/0097.html (176 words)

	SourceForge.net CVS Repository - directory - cvs: fuse-emulator/libspectrum (Site not responding. Last check: 2007-10-21)
		Fix up gcc 4.0 signedness warnings (fixes bug #1197013).
		Implement a write cache for the IDE drives.
		Set sensible defaults for all the fields of the libspectrum_snap structure when...
	cvs.sourceforge.net /viewcvs.py/fuse-emulator/libspectrum?sortby=author (262 words)

	2002/freebsd-audit/20021020.freebsd-audit
		Oct 17 Peter Pentchev [CFR] 4.x-STABLE ftp client signedness patch 2.
		Oct 19 Peter Pentchev Re: [CFR] 4.x-STABLE ftp client signedness patch 3.
		Oct 18 service@artofservic ITIL in Government and Major Corporations - Has it w 7.
	docs.freebsd.org /mail/archive/2002/freebsd-audit/20021020.freebsd-audit.html (73 words)

Try your search on: Qwika (all wikis)