OSF/1 or Tru64 patch for Privsep

Ben Lindstrom mouring at etoh.eviladmin.org
Tue Aug 13 14:04:57 EST 2002


On Tue, 13 Aug 2002, Peter Stuge wrote:

> On Mon, Aug 12, 2002 at 02:08:35PM -0500, SCHINCKE, KEITH (JSC-SM) (LM) wrote:
> > 	s->ttyfd is -1 so NULL passed in as the tty.
> > monitor_wrap.c:mm_setup_sia calls buffer_put_cstring(&m, tty)
> > bufaux.c:buffer_put_cstring calls fatal() when s is NULL.
> >
> > I am still new to looking at the code but why not do
> > 	'buffer_put_string(&m,tty,strlen(tty));'
> > in monitor_wrap.c:mm_setup_sia?
>
> strlen(NULL) is bad.  It will try to access memory att address 0 and cause
> an access violation.  Instead maybe add
>

<nod>  Yet another stupid acceptable to a stupid language. =)


>   if(tty != NULL)
>
> in monitor_wrap.c:mm_setup_sia() before the call to buffer_put_cstring()
>

In my tree I've moved them to buffer_put_string()  and testing if tty is
NULL first.

I'll issue an updated patch as soon as I get CVS access back so I can
update with the current tree.

- Ben




More information about the openssh-unix-dev mailing list