ports/116728: ckpasswd (contained INN) crashed
OOTOMO Hiroyuki
ootomo at za.wakwak.com
Sat Sep 29 05:20:02 UTC 2007
>Number: 116728
>Category: ports
>Synopsis: ckpasswd (contained INN) crashed
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Sep 29 05:20:01 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: OOTOMO Hiroyuki
>Release: 6.2-STABLE
>Organization:
>Environment:
FreeBSD sakura 6.2-STABLE FreeBSD 6.2-STABLE #1: Sun Aug 26 17:00:18 JST 2007 root at sakura:/usr/obj/usr/src/sys/SMP amd64
>Description:
The INN news system contains the ckpasswd(8) authentication program, but it sometimes crashes with SEGV,
because ckpasswd uses strlcpy(3), and its destination string is sometimes not NULL-terminated.
>How-To-Repeat:
I don't know how to create a user password database that makes ckpasswd crash reliably.
>Fix:
add files/patch-authprogs_ckpasswd.c
--- authprogs/ckpasswd.c.orig 2006-03-20 13:14:57.000000000 +0900
+++ authprogs/ckpasswd.c 2007-09-29 13:20:47.000000000 +0900
@@ -170,7 +170,8 @@
return NULL;
}
password = xmalloc(value.dsize + 1);
- strlcpy(password, value.dptr, value.dsize + 1);
+ strncpy(password, value.dptr, value.dsize + 1);
+ password[value.dsize] = '\0';
dbm_close(database);
return password;
}
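Review bot: the added strncpy line still passes value.dsize + 1 as the count, so when the datum has no NUL within its value.dsize bytes the copy reads value.dptr[value.dsize], one byte past the data dbm returned. The buffer from xmalloc(value.dsize + 1) is large enough, so the write side is fine; the remaining problem is the source read. Copy exactly value.dsize bytes, for example `memcpy(password, value.dptr, value.dsize);`, and keep the explicit `password[value.dsize] = '\0';` that follows. A short comment saying that value.dptr is length-delimited by value.dsize and not guaranteed to be NUL-terminated would also record why strlcpy, which runs strlen over its source, could not be used here.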
>Release-Note:
>Audit-Trail:
>Unformatted: