Date: Mon, 29 Sep 1997 09:43:11 -0700 (PDT)
From: jlind@skypoint.com
To: freebsd-gnats-submit@FreeBSD.ORG
Subject: bin/4652: fclose on NULL pointer causes rdist to Seg V with remote rdist can't run
Message-ID: <199709291643.JAA21495@hub.freebsd.org>
Resent-Message-ID: <199709291650.JAA21922@hub.freebsd.org>

>Number: 4652
>Category: bin
>Synopsis: fclose on NULL pointer causes rdist to Seg V with remote rdist can't run
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 29 09:50:00 PDT 1997
>Last-Modified:
>Originator: John Lind
>Organization: SkyPoint Communications, Inc.
>Release: 2.2.2
>Environment:
FreeBSD mirage.skypoint.com 2.2.2-RELEASE FreeBSD 2.2.2-RELEASE #0: Tue Aug 26 14:41:47 CDT 1997 root@oasis.skypoint.net:/usr/src/sys/compile/OASIS i386
>Description:
The setjmp in doarrow (docmd.c line 145) happens before the makeconn and logfile opens. If the rsh->rdist remote execution fails early on, lostconn will be called in makeconn before the log file open occurs, causing the longjmp to occur, transfer to the label "done" and there try to do an fclose on lfp, which is uninitialized.
>How-To-Repeat:
One easy way -- remove the execute permission on rdist on the remote system.
>Fix:
I simply protected the fclose(lfp) with a test for NULL and made sure that lfp was initialized to NULL (for systems that don't do clearcore or whatever). It is arguable whether this is correct. Perhaps moving the setjmp down or the logfile open up would be better. I didn't have sufficient familiarity with the code to propose the "correct" solution and send in a patch.
>Audit-Trail:
>Unformatted:
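
The control flow described in the report, as an added example that is not part of the original message and is not rdist code. The functions doarrow_sim, makeconn_sim and lostconn_sim are hypothetical stand-ins, and the log path is supplied by the caller.

```c
/* Added example; hypothetical stand-ins, not the rdist source. */
#include <setjmp.h>
#include <stdio.h>

static jmp_buf env;   /* recovery point, set before any resource is opened */

/* Stand-in for lostconn(): unwind to the recovery point. */
static void lostconn_sim(void)
{
    longjmp(env, 1);
}

/* Stand-in for makeconn(): the remote command may fail to start. */
static void makeconn_sim(int remote_ok)
{
    if (!remote_ok)
        lostconn_sim();          /* never returns */
}

/*
 * Returns 1 if the connection was lost, 0 otherwise.
 * *closed is set to 1 only if a log file was actually opened and closed.
 */
int doarrow_sim(int remote_ok, const char *logpath, int *closed)
{
    /* NULL means "not opened yet"; volatile keeps the value determinate
     * after longjmp if it was assigned after setjmp. */
    FILE *volatile lfp = NULL;
    int lost = 0;

    *closed = 0;
    if (setjmp(env) != 0) {      /* arrives here again via longjmp */
        lost = 1;
        goto done;
    }
    makeconn_sim(remote_ok);     /* may longjmp before the log is opened */
    lfp = fopen(logpath, "w");   /* log open happens after the connection */
    if (lfp != NULL)
        fputs("connected\n", lfp);
done:
    if (lfp != NULL) {           /* guard: never fclose an unopened stream */
        fclose(lfp);
        *closed = 1;
    }
    return lost;
}
```
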