Problem with klogind/kshd

Tim Gaastra tim at gaastra.net
Wed May 1 21:07:16 EDT 2002


Well, I shorthanded that we make sure to set the length of the third
argument to strncpy to at most the size of the term array (Didn't feel
the need to explain EVERY step).

But yes, the problem did, after some more testing, turn out to be how
strncpy and strncmp functioned in every instance in login.krb5... But
here's the kicker: It ONLY happened when execed from kerberized telnetd
and klogind. If I ran login.krb5 by itself, or from agetty or the like,
it was just fine, but run from the execle in klogind, it would silently
die in the middle of every strncpy.

The solution for now has been to (carefully) reimplement strncpy (I
know, I used to mark down people for this when I taught C) as C
functions and link it in in lieu of the standard ones. So yes, sounds
like a compiler bug, but a very strange one, since plenty of other
programs that use strncpy work quite happily with that compiler/copy of
strncpy.S. The solution serves for now, though. Fixing the compiler is
something that will be more difficult, since that compiler is the
"approved" one for this IA64 Linux that's been used to produce the rest
of the system (not my system).

-----Original Message-----
From: kerberos-admin at mit.edu [mailto:kerberos-admin at mit.edu] On Behalf
Of Marc Horowitz
Sent: Wednesday, May 01, 2002 5:24 PM
To: kerberos at mit.edu
Subject: Re: Problem with klogind/kshd


tim at gaastra.net ("Tim Gaastra") writes:

>> One confirmed problem: crashing in login.krb5
>> 
>> Because of:
>> Src/appl/bsd/login.c
>> Line 1193: strncpy(term, getenv("TERM"), sizeof(term));
>> 
>> Apparently, there have been issues with strncpy and alignment 
>> problems with the IA64 in the past...
>> 
>> The current kludgey fix has been to make a pointer, assign the getenv
>> to it, strlen the pointer, assign that to a size_t, and then call the
>> strncpy as strncpy(term,<pointer>,<size_t>);

This sounds an awful lot like a libc or compiler bug, not a kerberos
bug.  Perhaps you should fix it there. 

Also, your fix is broken: if $TERM is longer than the term array, you're
guaranteed a core dump.

                Marc
________________________________________________
Kerberos mailing list           Kerberos at mit.edu
http://mailman.mit.edu/mailman/listinfo/kerberos
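
Added example, not part of the original thread and not code from login.c: a bounded copy of $TERM that covers the cases raised above, namely a value longer than the term array, a value that exactly fills it (where strncpy leaves no terminator), and an unset variable (getenv returns NULL). The helper name copy_env_value and the 64-byte buffer are assumptions made for illustration, and it uses strlen plus memcpy instead of strncpy.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from login.c): copy an environment value into a
 * fixed-size buffer. Returns 0 if it fit, 1 if it was truncated, -1 if the
 * variable was unset (src == NULL) or the buffer is unusable. dst is always
 * NUL-terminated when dstsz > 0. */
static int copy_env_value(char *dst, size_t dstsz, const char *src)
{
    size_t n;

    if (dst == NULL || dstsz == 0)
        return -1;
    if (src == NULL) {          /* getenv() returns NULL when TERM is unset */
        dst[0] = '\0';
        return -1;
    }
    n = strlen(src);
    if (n >= dstsz) {           /* too long: keep dstsz-1 bytes plus the NUL */
        memcpy(dst, src, dstsz - 1);
        dst[dstsz - 1] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);    /* fits, terminator included */
    return 0;
}

int main(void)
{
    char term[64];              /* size chosen for this example */
    int rc = copy_env_value(term, sizeof(term), getenv("TERM"));

    printf("rc=%d term=\"%s\"\n", rc, term);
    return 0;
}
```

The return value lets the caller decide whether a truncated or missing TERM should be logged or replaced with a default.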



