Date:      Sun, 01 Oct 2006 13:41:33 -0500
From:      "Christian S.J. Peron" <csjp@sqrt.ca>
To:        Ruslan Ermilov <ru@FreeBSD.org>
Cc:        freebsd-bugs@FreeBSD.org, csjp@FreeBSD.org
Subject:   Re: bin/103873: login(1) SEGFAULT on unsuccessful login
Message-ID:  <45200BDD.6080300@sqrt.ca>
In-Reply-To: <200610011732.k91HW1OF004225@freefall.freebsd.org>
References:  <200610011732.k91HW1OF004225@freefall.freebsd.org>


Thanks for bringing this to my attention!

Revision 1.101 is not quite correct. Although I agree that 
unconditionally dereferencing the pwd pointer is problematic, not 
submitting any audit record at all could also be considered a big 
problem too. If the audit record cannot be attributed to a user, we
should be marking it as a non-attributable event by setting the audit ID
to AU_DEFAUDITID, and setting the other uid/gid et al to -1. For
example, in the OpenSSH code we do this when we can't attribute the event
to any specific user:

header,99,10,OpenSSH login,0,Sun Oct  1 12:52:58 2006, + 92 msec
subject,-1,-1,-1,-1,-1,3277,3277,52157,10.0.0.1
text,invalid user name "sdfgsdf"
return,failure : No such process,4294967295
trailer,99

I will get this fixed up in HEAD and get it MFCed as soon as possible.

Ruslan Ermilov wrote:
> Synopsis: login(1) SEGFAULT on unsuccessful login
>
> Responsible-Changed-From-To: freebsd-bugs->csjp
> Responsible-Changed-By: ru
> Responsible-Changed-When: Sun Oct 1 17:29:34 UTC 2006
> Responsible-Changed-Why: 
> Christian did the MFC so he eats all the bugs now.  :-)
>
> The fix proposed in the PR should be replaced by simply MFCing
> rev. 1.101 to login.c:
>
> : date: 2006/03/28 15:30:42;  author: cognet;  state: Exp;  lines: +5 -2
> : Don't call audit_logout() if pwd is NULL, as audit_logout() attempts to
> : dereference it.
> : This will happen if we ^D at the Login: prompt without having provided a
> : valid login before.
> : Set pwd to NULL on bad login attempts to prevent audit_logout() from being
> : called for a user which didn't actually log on.
> : 
> : Reported by:    Jerome Magnin jethro at docisland dot org
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=103873
>
>
>   
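
Added example, not part of the original message and not code from login.c or OpenSSH: a self-contained C model of the behaviour the message asks for, where a NULL pwd produces a non-attributable subject rather than a dereference or a dropped record. The ex_* names and EX_DEFAUDITID are hypothetical stand-ins (EX_DEFAUDITID is assumed to equal AU_DEFAUDITID, i.e. (uid_t)-1), and the pid/sid values are constructed sample input.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Stand-in for AU_DEFAUDITID from <bsm/audit.h>; assumed here to be (uid_t)-1. */
#define EX_DEFAUDITID ((uid_t)-1)

/* Hypothetical model of the identity fields of a BSM subject token. */
struct ex_subject {
    uid_t auid, euid, ruid;
    gid_t egid, rgid;
    pid_t pid, sid;
};

/* Fill the subject from pwd; a NULL pwd gives a non-attributable subject. */
void ex_fill_subject(struct ex_subject *s, const struct passwd *pwd, pid_t pid, pid_t sid)
{
    s->pid = pid;
    s->sid = sid;
    if (pwd == NULL) {                      /* never dereference pwd here */
        s->auid = EX_DEFAUDITID;
        s->euid = s->ruid = (uid_t)-1;
        s->egid = s->rgid = (gid_t)-1;
        return;
    }
    s->auid = s->euid = s->ruid = pwd->pw_uid;
    s->egid = s->rgid = pwd->pw_gid;
}

/* Print an id numerically, showing the all-ones "no user" value as -1. */
static long ex_id(uid_t v) { return v == (uid_t)-1 ? -1L : (long)v; }

/* Render the subject as a numeric, praudit-like line (terminal ID omitted). */
int ex_format_subject(const struct ex_subject *s, char *buf, size_t len)
{
    return snprintf(buf, len, "subject,%ld,%ld,%ld,%ld,%ld,%ld,%ld",
        ex_id(s->auid), ex_id(s->euid), ex_id(s->egid),
        ex_id(s->ruid), ex_id(s->rgid), (long)s->pid, (long)s->sid);
}

int main(void)
{
    struct ex_subject s;
    char line[128];
    ex_fill_subject(&s, NULL, 3277, 3277);  /* constructed: failed login, no pwd */
    ex_format_subject(&s, line, sizeof(line));
    puts(line);
}
```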



