Date: 6 Jan 1999 19:42:28 -0000 From: dannyman@sasquatch.dannyland.org To: FreeBSD-gnats-submit@FreeBSD.ORG Cc: dannyman@sasquatch.dannyland.org Subject: docs/9351: 2.2.8-RELEASE/ERRATA.TXT should include getpwent.c semantics Message-ID: <19990106194228.3702.qmail@sasquatch.dannyland.org>
next in thread | raw e-mail | index | archive | help
>Number: 9351 >Category: docs >Synopsis: 2.2.8-RELEASE/ERRATA.TXT should include getpwent.c semantics >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Wed Jan 6 11:50:01 PST 1999 >Closed-Date: >Last-Modified: >Originator: Dan Howard >Release: FreeBSD 2.2.8-RELEASE i386 >Organization: EnterAct, LLC >Environment: 2.2.8-RELEASE >Description: There was a buffer overflow patch made to src/lib/libc/gen/getpwent.c immediately prior release of 2.2.8. A side-effect of this patch was to modify the semantics of getpwnam() such that a string that was longer than the maximum allowed for a username would still match if the first part of the string properly matched a user name. This behaviour was corrected by eivind at 1.35.2.3 of the CVS repository. As this change to getpwnam() across releases adversely impacted the behaviour of mail aliases on our system, and was somewhat tricky to diagnose, it would seem helpful to include it in the 2.2.8-RELEASE errata. >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990106194228.3702.qmail>