Skip site navigation (1)Skip section navigation (2)
Date:      6 Jan 1999 19:42:28 -0000
From:      dannyman@sasquatch.dannyland.org
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Cc:        dannyman@sasquatch.dannyland.org
Subject:   docs/9351: 2.2.8-RELEASE/ERRATA.TXT should include getpwent.c semantics
Message-ID:  <19990106194228.3702.qmail@sasquatch.dannyland.org>

next in thread | raw e-mail | index | archive | help

>Number:         9351
>Category:       docs
>Synopsis:       2.2.8-RELEASE/ERRATA.TXT should include getpwent.c semantics
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan  6 11:50:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator:     Dan Howard
>Release:        FreeBSD 2.2.8-RELEASE i386
>Organization:
EnterAct, LLC
>Environment:

2.2.8-RELEASE

>Description:

There was a buffer overflow patch made to src/lib/libc/gen/getpwent.c
immediately prior release of 2.2.8.  A side-effect of this patch was to modify
the semantics of getpwnam() such that a string that was longer than the
maximum allowed for a username would still match if the first part of the
string properly matched a user name.  This behaviour was corrected by eivind
at 1.35.2.3 of the CVS repository.

As this change to getpwnam() across releases adversely impacted the behaviour
of mail aliases on our system, and was somewhat tricky to diagnose, it would
seem helpful to include it in the 2.2.8-RELEASE errata.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990106194228.3702.qmail>