Date: Wed, 12 Jun 2002 16:11:52 -0700 (PDT) From: Archie Cobbs <archie@packetdesign.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/39206: core dump bug in sshd Message-ID: <200206122311.g5CNBqM29132@bubba.packetdesign.com>
next in thread | raw e-mail | index | archive | help
>Number: 39206
>Category: bin
>Synopsis: core dump bug in sshd
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 12 16:20:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator: Archie Cobbs
>Release: FreeBSD 4.5-RELEASE i386
>Organization:
Packet Design
>Environment:
System: FreeBSD bubba.packetdesign.com 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Sun Feb 3 10:00:07 PST 2002 archie@bubba.packetdesign.com:/usr/obj/usr/src/sys/BUBBA i386
>Description:
Compiling sshd with -Wall produces the following output from GCC
when -DHAVE_LOGIN_CAP is not used.
The "newcommand" warning and the "do_child" warnings represent
potential core dumps it appears.
auth1.c: In function `do_authloop':
auth1.c:88: warning: unused variable `authlog'
session.c: In function `do_login':
session.c:668: warning: unused variable `buf'
session.c:666: warning: unused variable `f'
session.c:667: warning: `newcommand' might be used uninitialized in this function
session.c: In function `do_child':
session.c:1299: warning: char format, different type arg (arg 3)
Note: I've hacked the makefile to compile it like I want
it but not any of the sources.
>How-To-Repeat:
>Fix:
Not sure if the fix for "ttyname" is correct, but here goes:
diff -ur /usr/src/crypto/openssh/auth1.c ./auth1.c
--- /usr/src/crypto/openssh/auth1.c Thu Sep 27 18:33:33 2001
+++ ./auth1.c Wed Jun 12 16:05:48 2002
@@ -85,7 +85,6 @@
u_int ulen;
int type = 0;
struct passwd *pw = authctxt->pw;
- void (*authlog) (const char *fmt,...) = verbose;
#ifdef HAVE_LOGIN_CAP
login_cap_t *lc;
#endif /* HAVE_LOGIN_CAP */
diff -ur /usr/src/crypto/openssh/session.c ./session.c
--- /usr/src/crypto/openssh/session.c Sun Dec 2 16:53:28 2001
+++ ./session.c Wed Jun 12 16:09:15 2002
@@ -663,9 +663,11 @@
void
do_login(Session *s, const char *command)
{
- FILE *f;
- char *time_string, *newcommand;
+ char *time_string, *newcommand = NULL;
+#ifdef HAVE_LOGIN_CAP
char buf[256];
+ FILE *f;
+#endif
char hostname[MAXHOSTNAMELEN];
socklen_t fromlen;
struct sockaddr_storage from;
@@ -1288,7 +1290,7 @@
if (login_getcapbool(lc, "requirehome", 0)) {
(void)printf("Home directory not available\n");
log("LOGIN %.200s REFUSED (HOMEDIR) ON TTY %.200s",
- pw->pw_name, ttyname);
+ pw->pw_name, ttyname(0));
exit(254);
}
#endif /* HAVE_LOGIN_CAP */
@@ -1296,7 +1298,7 @@
if (chdir("/") < 0) {
(void)printf("Cannot find root directory\n");
log("LOGIN %.200s REFUSED (ROOTDIR) ON TTY %.200s",
- pw->pw_name, ttyname);
+ pw->pw_name, ttyname(0));
exit(254);
}
if (!check_quietlogin(s, command) || *pw->pw_dir)
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206122311.g5CNBqM29132>