bin/80661: [patch] [SECURITY] Missing NULL termination after strncpy() in rlogin(1)

Simon L. Nielsen simon at
Sun May 29 08:45:31 PDT 2005

Synopsis: [patch] [SECURITY] Missing NULL termination after strncpy() in rlogin(1)

State-Changed-From-To: open->feedback
State-Changed-By: simon
State-Changed-When: Sun May 29 15:33:56 GMT 2005
We (the Security Team) can't find anywhere in the code-path where this
bug where this could lead to a situation that could be exploited as a
security vulnerability.  You could crash rlogin, but not in a way
which would cause it to execute arbitrary cod as root.  Have you found
any explicit place this bug could be exploited?

In any case, I have committed the patch to RELENG_4 since not NUL
terminating the buffer is certainly a bug, even it's not a security

Thanks for the report.  I'm keeping the PR open in feedback state for
now, since I would like to hear comments from Przemyslaw Frasunek
before totally closing this issue.

Responsible-Changed-From-To: freebsd-bugs->simon
Responsible-Changed-By: simon
Responsible-Changed-When: Sun May 29 15:33:56 GMT 2005
I will handle followups.

More information about the freebsd-bugs mailing list