On Nov 18,  9:07am, new.security@gmail.com wrote:
}
} >Number:         36725
} >Synopsis:       fsplit segfaults when user doesnt have correct permissions
} >Description:
} When you run fsplit without any arguments in a directory that you do not have writing permissions in it will segfault because it is trying to write  a file without checking if you have the correct permissions.

     Eyeballing the code and experimenting demonstrates that it doesn't
matter if you supply an argument or not.

} >How-To-Repeat:
} run fsplit in a directory you do not have write permissions in.
} >Fix:
} Index: fsplit.c
} ===================================================================
} RCS file: /cvsroot/src/usr.bin/fsplit/fsplit.c,v
} retrieving revision 1.11
} diff -u -r1.11 fsplit.c
} --- fsplit.c    30 Oct 2004 17:27:28 -0000      1.11
} +++ fsplit.c    2 Aug 2007 16:21:39 -0000
} @@ -147,8 +147,15 @@
}                         exit(1);
}                 }
}         }
} -       else
} +       else {
} +               if((access(".", W_OK)) !=0) {
} +                       fprintf(stderr, "Incorrent access user cannot write to directory\n");
} +                       exit(1);
} +               }
} +
}                 ifp = stdin;
} +       }
} +
}      for(;;) {
}         /* look for a temp file that doesn't correspond to an existing file */
}         get_name(x, 3);

     This patch is not in any way an improvement.  There is no error
checking anywhere in the code.  The file that it is trying to open
could be at the end of a symbolic link and this patch doesn't cover
that case.  Also, there are other reasons besides lack of write
permission in the directory that the fopen() could fail.  As mentioned
above, it doesn't matter if an argument is supplied, so even if the
patch was correct, it is in the wrong place.  Finally, any of the other
operations could fail for any number of reasons.  The program needs a
major overhaul and needs to have error checking added to all file
operations.

}-- End of excerpt from new.security@gmail.com