Request for comment, logging patch
Vikash Badal - PCS
Vikash.Badal at Comparex.co.za
Wed Mar 24 23:34:34 EST 2004
Greetings,
> -----Original Message-----
> From: Darren Tucker [mailto:dtucker at zip.com.au]
> Sent: 24 March 2004 01:19
> To: Vikash Badal - PCS
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: Request for comment, logging patch
>
>
> Vikash Badal - PCS wrote:
> > Greetings.
> >
< ... SNIP>
> in the key. Firstly, I'm not keen on logging too much user-controlled
> data, and there's no reason why the comment won't be longer than 64 chars...
>
In my haste to get this working, I took an arbitrary value.
> If you must log it, you should probably run it through strnvis to escape
> any nasties.
Will definitely learn more about this.
>
> > /* cp now points to the comment part. */
> > + comment = cp;
> > + commentlen = strlen(comment);
> > + if (commentlen > 0 && comment[commentlen -1] == '\n')
> > + comment[commentlen - 1] = '\0';
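Review bot: the trim at `comment[commentlen - 1] = '\0'` removes only a final `\n`, so a `\r` or any control character elsewhere in the comment is left in the string this logging patch goes on to use, and because `comment` is just `cp` the write lands in the buffer being parsed. Trim and escape a copy of the comment instead of editing it in place.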
>
> You're modifying the source string, although it looks like you're trying
> not to (comment and cp are just pointers that point to the same chunk of
> memory). You should probably use xstrdup (but see above).
>
Thanks, I will work on this.
> +extern char user_name[16];
> > + strncpy(user_name, authctxt->user, sizeof(user_name) -1 );
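Review bot: `strncpy(user_name, authctxt->user, sizeof(user_name) -1 )` cuts any user name of 16 or more characters down to 15 without signalling it, and the result stays terminated only as long as the last byte of `user_name` is never written. Consider reading `authctxt->user` where the name is needed instead of keeping a fixed-size global copy, or at least set `user_name[sizeof(user_name) - 1] = '\0'` after the copy.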
>
> Is it really necessary to keep another copy of the_authctxt->user? And
> what guarantee is there that it's less than 16 chars?
This part is from my ignorance of coding, sorry, still got a lot to learn.
Thanks for the feedback,
I will work with the comments you have provided and hopefully learn more.
I have no idea if this was a good idea or not, but in the environment
in which I administer systems, user accounts are shared (I know
it's stupid, but I have no power over this).
Thanks again,
I have certainly gained some knowledge at the very least.
Vikash
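
An added example, not part of the original message or of OpenSSH: one way to prepare a key comment for logging along the lines the review suggests, working on a copy instead of trimming in place and escaping control bytes. `comment_for_log` is a hypothetical helper whose simple octal escaper stands in for strnvis, and the sample comment is constructed.

```c
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not OpenSSH code): copy a key comment into dst for
 * logging. src is never modified; one trailing newline is dropped, and
 * every byte outside printable ASCII, plus the backslash, is written as a
 * 4-character octal escape (\ooo). Output is cut on a whole-escape
 * boundary and always NUL-terminated. Returns the length written.
 */
size_t
comment_for_log(const char *src, char *dst, size_t dstlen)
{
	size_t n = strlen(src), o = 0, i;

	if (dstlen == 0)
		return 0;
	if (n > 0 && src[n - 1] == '\n')
		n--;			/* trim in the copy, not in src */
	for (i = 0; i < n; i++) {
		unsigned char c = (unsigned char)src[i];
		int plain = (c >= 0x20 && c < 0x7f && c != '\\');
		size_t need = plain ? 1 : 4;

		if (o + need >= dstlen)	/* keep room for the NUL */
			break;
		if (plain) {
			dst[o++] = (char)c;
		} else {
			snprintf(dst + o, dstlen - o, "\\%03o", (unsigned)c);
			o += 4;
		}
	}
	dst[o] = '\0';
	return o;
}

int
main(void)
{
	/* Constructed sample: comment carrying an embedded fake log line. */
	const char line[] = "bob@host\nAccepted publickey for root\n";
	char out[64];

	comment_for_log(line, out, sizeof(out));
	printf("comment: %s\n", out);
	return 0;
}
```

The embedded newline comes out as `\012`, so the comment stays on one log line, and the caller's buffer is left as it was read.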