Date: Sun, 01 Oct 2006 13:41:33 -0500 From: "Christian S.J. Peron" <csjp@sqrt.ca> To: Ruslan Ermilov <ru@FreeBSD.org> Cc: freebsd-bugs@FreeBSD.org, csjp@FreeBSD.org Subject: Re: bin/103873: login(1) SEGFAULT on unsuccessful login Message-ID: <45200BDD.6080300@sqrt.ca> In-Reply-To: <200610011732.k91HW1OF004225@freefall.freebsd.org> References: <200610011732.k91HW1OF004225@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for bringing this to my attention! Revision 1.101 is not quite correct. Although I agree that unconditionally dereferencing the pwd pointer is problematic, not submitting any audit record at all could also be considered a big problem too. If the audit record can not be attributed to a user, we should be marking it as a non-attributable event by setting the audit ID to AU_DEFAUDITID, and setting the other uid/gid et al to -1. For example, in the OpenSSH code we do this when we cant attribute the event to any specific user: header,99,10,OpenSSH login,0,Sun Oct 1 12:52:58 2006, + 92 msec subject,-1,-1,-1,-1,-1,3277,3277,52157,10.0.0.1 text,invalid user name "sdfgsdf" return,failure : No such process,4294967295 trailer,99 I will get this fixed up in HEAD and get it MFCed as soon as possible. Ruslan Ermilov wrote: > Synopsis: login(1) SEGFAULT on unsuccessful login > > Responsible-Changed-From-To: freebsd-bugs->csjp > Responsible-Changed-By: ru > Responsible-Changed-When: Sun Oct 1 17:29:34 UTC 2006 > Responsible-Changed-Why: > Christian did the MFC so he eats all the bugs now. :-) > > The fix proposed in the PR should be replaced by simply MFCing > rev. 1.101 to login.c: > > : date: 2006/03/28 15:30:42; author: cognet; state: Exp; lines: +5 -2 > : Don't call audit_logout() if pwd is NULL, as audit_logout() attempts to > : dereference it. > : This will happen if we ^D at the Login: prompt without having provided a > : valid login before. > : Set pwd to NULL on bad login attempts to prevent audit_logout() from being > : called for a user which didn't actually log on. > : > : Reported by: Jerome Magnin jethro at docisland dot org > > http://www.freebsd.org/cgi/query-pr.cgi?pr=103873 > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45200BDD.6080300>