Linux Unix98 ptys - was Re: Where is OpenSSH 2.5.0p1?

Marek Michalkiewicz marekm at amelek.gda.pl
Tue Feb 20 06:25:25 EST 2001


> >      *Warning:* Using the `openpty' function with NAME not set to
> >      `NULL' is *very dangerous* because it provides no protection
> >      against overflowing the string NAME.  You should use the `ttyname'
> >      function on the file descriptor returned in *SLAVE to find out the
> >      file name of the slave pseudo-terminal device instead.
> 
> I think that you would have a hard time causing any trouble with this
> - you would have to have a pretty messed up system if the path to your
> tty was more than 64 chars.

These paths look like /dev/pts/<number> but the code in glibc tries hard
to handle any length (realloc in a loop, etc.) - and later does strcpy
to the buffer supplied to openpty().

Is there a reason why the HAVE_DEV_PTMX code (without the I_PUSH ioctl
calls - as with HAVE_CYGWIN) is not used for Linux (glibc >= 2.1)?
It is standard, works fine as far as I can tell, and avoids ttyname()
which may be slow (the usual implementation is to search all of /dev/
for a matching device - not a noticeable delay on my box though).

Not a bug, just a suggestion to consider for some future release -
all the code is in place, only configure needs to be changed...

> Both applied.

Thanks.  I see 2.5.1p1 really is there now :).

Marek
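
The /dev/ptmx allocation path discussed in this message, sketched as an added example (not code from this message, OpenSSH or glibc): the slave name is copied only when it fits the caller's buffer, in contrast to the unbounded strcpy into the openpty() NAME argument. The helper names `copy_bounded` and `pty_alloc_bounded` are hypothetical; a Linux system with glibc and Unix98 ptys is assumed.

```c
#define _GNU_SOURCE   /* harmless if feature macros are already set */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Copy src into dst only if it fits, NUL included; never truncates. */
static int copy_bounded(char *dst, size_t dstlen, const char *src)
{
    size_t need = strlen(src) + 1;
    if (need > dstlen) {
        errno = ERANGE;
        return -1;
    }
    memcpy(dst, src, need);
    return 0;
}

/* Hypothetical helper: Unix98 allocation via /dev/ptmx, no I_PUSH calls. */
static int pty_alloc_bounded(int *master, char *name, size_t namelen)
{
    const char *slave;
    int saved, fd = open("/dev/ptmx", O_RDWR | O_NOCTTY);
    if (fd < 0)
        return -1;
    if (grantpt(fd) == 0 && unlockpt(fd) == 0 &&
        (slave = ptsname(fd)) != NULL &&   /* static buffer, not thread-safe */
        copy_bounded(name, namelen, slave) == 0) {
        *master = fd;
        return 0;
    }
    saved = errno;                         /* keep the first error across close() */
    close(fd);
    errno = saved;
    return -1;
}

int main(void)
{
    char name[64];                         /* the 64-byte case quoted above */
    int master;
    if (pty_alloc_bounded(&master, name, sizeof(name)) < 0)
        return 1;
    printf("slave: %s\n", name);
    close(master);
    return 0;
}
```

A name that does not fit is reported as ERANGE and the master descriptor is closed, so the caller never sees a truncated or overflowed path.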






More information about the openssh-unix-dev mailing list