From owner-freebsd-hackers  Mon Nov  5 13:48:10 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from red.csi.cam.ac.uk (red.csi.cam.ac.uk [131.111.8.70])
	by hub.freebsd.org (Postfix) with ESMTP id 4D9A737B405
	for <freebsd-hackers@freebsd.org>; Mon,  5 Nov 2001 13:48:09 -0800 (PST)
Received: from dr263.sel.cam.ac.uk
	([131.111.129.153] helo=there ident=dr)
	by red.csi.cam.ac.uk with smtp (Exim 3.22 #1)
	id 160rbE-0002P7-00
	for freebsd-hackers@freebsd.org; Mon, 05 Nov 2001 21:48:08 +0000
Content-Type: text/plain;
  charset="iso-8859-1"
From: David Rufino <dr263@cam.ac.uk>
To: freebsd-hackers@freebsd.org
Subject: hi
Date: Mon, 5 Nov 2001 21:47:19 +0000
X-Mailer: KMail [version 1.3.1]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <E160rbE-0002P7-00@red.csi.cam.ac.uk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

hi,

It appears there are a few bugs in do_authloop() of openssh in 4.4-STABLE 
where it is assumed pw != NULL. If the username doesn't exist then 
do_authentication() will call do_authloop() with a NULL pw as a parameter. 
This has caused sshd to signal11 (due to NULL dereference) on my box, under 
certain conditions. Apologies in advance if I'm missing something.
CC any replies, as I'm not subscribed.

Thanks,
David Rufino

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message