Openssh-2.1.1p1 and solaris 7/8

Andre Lucas andre.lucas at dial.pipex.com
Mon Jun 19 07:35:31 EST 2000


Hi,

Thanks for the patch, and well spotted :) I took a long hard look and
found a few other instances where parts of struct [uw]tmpx? could get
clobbered, so I stuck in a macro that expands to just what you've sent,
and does the same in other affected parts of the code.

As another list member observed, this does result in some names getting
truncated in the resulting entries. I'm not really too concerned about
that as long as it's for things like hostnames - if it truncates the
username that's a different matter, things will probably break when that
happens.

Ta,
-Andre'

"P.S.S.Camp" wrote:
> 
> On Tue, 13 Jun 2000, John Horne wrote:
> 
> > Hello,
> >
> > I just installed the above openssh onto a Sun Solaris 7 and Solaris 8 system.
> > No problem with that. However, I now seem to get some rubbish processed when
> > I login with slogin. An example:
> >
> > Last login: Tue Jun 13 12:31:27 2000 from jhorne.csd.plymo:tJ`
> > ^[[?1;2c
> >
> > Telnet logs in okay, but just shows 'Last login...jhorne.csd.plymo'.
> >
> > This seems to get passed to the shell, which it of course errors on. I do,
> > however, actually login okay. This is seen on both systems. As a test I
> > purged the /var/adm/lastlog file - logged out, logged in  - this was okay.
> > Logged out and logged in again, and got the same problem.
> >
> > I upgraded from 2.1.0p3 to fix the utmpx problem; that version did not
> > exhibit this problem. So far the utmpx problem hasn't recurred though :-)
> >
> > I configured both systems using:
> >   ./configure --with-egd-pool=/tmp/entropy --with-catman=man
> >               --with-tcp-wrappers --with-default-path=/usr/bin:/usr/local/bin
> >
> > Using the '--disable-lastlog' got around the problem. Something doesn't seem
> > right though.
> >
> Right to further my patch yesterday this superseeds it
> --- loginrec.c.old      Wed Jun  7 12:32:13 2000
> +++ loginrec.c  Tue Jun 13 15:29:19 2000
> @@ -1087,7 +1087,7 @@
>  #endif
>                         line_fullname(li->line, utx.ut_line, sizeof(utx.ut_line));
>  #ifdef HAVE_HOST_IN_UTMPX
> -                       strlcpy(li->hostname, utx.ut_host, sizeof(utx.ut_line));
> +                       strlcpy(li->hostname, utx.ut_host, sizeof(utx.ut_host));
>  #endif
>                 }
>                 if (lseek(fd, (off_t)(0-2*sizeof(struct utmpx)),
> SEEK_CUR) == -1) {
> @@ -1289,7 +1289,10 @@
>  lastlog_populate_entry(struct logininfo *li, struct lastlog *last)
>  {
>         line_fullname(li->line, last->ll_line, sizeof(li->line));
> -       strlcpy(li->hostname, last->ll_host, sizeof(li->hostname));
> +       /* limit at length of the smallest structre as some entries as not
> +         * all are null terminated. */
> +       strlcpy(li->hostname, last->ll_host,
> +            ( sizeof(last->ll_host) < sizeof(li->hostname) ) ? sizeof(last->ll_host) : sizeof(li->hostname)   );
>         li->tv_sec = last->ll_time;
>  }
> 
> ----
> 
> This fixes corrupt lastlogin lines with --disable-lastlog and without
> The first chunk fixes a str chop at ut_line(32) instead of ut_host(256)
> The second that no all entries in lastlog file have zero terminated
> strings ie those of max length, so this path modifies the strlcpy to
> a limit of the smallest structutre involved in the copy, which should all
> be resolved a comple time as it is costant, then the strlcpy correctly
> termintes the copy.
> 
> Phill. Camp
> 
> --
> Computer Science Computing Officer
> University Of Kent At Canterbury





More information about the openssh-unix-dev mailing list