Skip Menu |
 

Download (untitled) / with headers
text/plain 2.1KiB
From ghudson@MIT.EDU Sun Jun 14 15:14:04 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id PAA19935 for <bugs@RT-11.MIT.EDU>; Sun, 14 Jun 1998 15:14:03 -0400
Received: from SMALL-GODS.MIT.EDU by MIT.EDU with SMTP
id AA11816; Sun, 14 Jun 98 15:14:05 EDT
Received: by small-gods.mit.edu (SMI-8.6/4.7) id PAA00576; Sun, 14 Jun 1998 15:14:01 -0400
Message-Id: <199806141914.PAA00576@small-gods.mit.edu>
Date: Sun, 14 Jun 1998 15:14:01 -0400
From: ghudson@MIT.EDU
Reply-To: ghudson@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: rlogin -a dumps core
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 612
>Category: krb5-appl
>Synopsis: rlogin -a dumps core
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: gjking
>State: feedback
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Jun 14 15:15:01 EDT 1998
>Last-Modified: Mon Jul 27 00:14:40 EDT 1998
>Originator: Greg Hudson
>Organization:
MIT
Show quoted text
>Release: 1.0pl1
>Environment:

System: SunOS small-gods.mit.edu 5.6 Generic_105181-04 sun4u sparc SUNW,Ultra-1
Architecture: sun4

Show quoted text
>Description:
rlogin -a passes a null value of locuser to kcmd(), which then gets handed to
strlen(), causing a core dump.
Show quoted text
>How-To-Repeat:
rlogin -a to a host which accepts krb5 rlogin connections.
Show quoted text
>Fix:
Index: krlogin.c
===================================================================
RCS file: /afs/dev.mit.edu/source/repository/third/krb5/src/appl/bsd/krlogin.c,v
retrieving revision 1.2
diff -c -r1.2 krlogin.c
*** krlogin.c 1997/10/19 03:44:28 1.2
--- krlogin.c 1998/06/13 05:12:23
***************
*** 575,581 ****
authopts |= OPTS_FORWARDABLE_CREDS;

status = kcmd(&sock, &host, debug_port,
! null_local_username ? NULL : pwd->pw_name,
name ? name : pwd->pw_name, term,
0, "host", krb_realm,
&cred,
--- 575,581 ----
authopts |= OPTS_FORWARDABLE_CREDS;

status = kcmd(&sock, &host, debug_port,
! null_local_username ? "" : pwd->pw_name,
name ? name : pwd->pw_name, term,
0, "host", krb_realm,
&cred,
Show quoted text
>Audit-Trail:
>Unformatted:
Patch applied in krlogin.c rev 5.59