Subject: bin/4284: yet another wrong rcmd call
To: None <gnats-bugs@gnats.netbsd.org>
From: Tatoku Ogaito <tacha@tera.fukui-med.ac.jp>
List: netbsd-bugs
Date: 10/17/1997 22:41:33
>Number: 4284
>Category: bin
>Synopsis: yet another wrong rcmd call
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people (Utility Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Oct 17 06:50:05 1997
>Last-Modified:
>Originator: Tatoku Ogaito
>Organization:
----- : Tatoku Ogaito
/ _ _ _/ _ : Department of Physics, Fukui Medical University
/ (_|(_ /)(_| : E-mail: tacha@tera.fukui-med.ac.jp
>Release: 1997/10/17
>Environment:
System: NetBSD tera.fukui-med.ac.jp 1.2G NetBSD 1.2G (TERA) #96: Fri Oct 17 13:00:53 JST 1997 root@tera.fukui-med.ac.jp:/usr/current/src/sys/arch/i386/compile/TERA i386
>Description:
the function tolocal in bin/rcp/rcp.c invoke
rcmd(3) with getpwent(3) results. So under some condition,
rcp will fail.
>How-To-Repeat:
look rcp.c and the bug section of rcmd(3).
>Fix:
*** bin/rcp/rcp.c.orig Sun Sep 14 20:06:32 1997
--- bin/rcp/rcp.c Fri Oct 17 22:36:45 1997
***************
*** 332,339 ****
char *argv[];
{
int i, len;
! char *bp, *host, *src, *suser;
for (i = 0; i < argc - 1; i++) {
if (!(src = colon(argv[i]))) { /* Local to local. */
len = strlen(_PATH_CP) + strlen(argv[i]) +
--- 332,342 ----
char *argv[];
{
int i, len;
! char *bp, *host, *src, *suser, *user;
+ if (NULL == (user = strdup(pwd->pw_name)))
+ err(1,"malloc");
+
for (i = 0; i < argc - 1; i++) {
if (!(src = colon(argv[i]))) { /* Local to local. */
len = strlen(_PATH_CP) + strlen(argv[i]) +
***************
*** 353,364 ****
src = ".";
if ((host = strchr(argv[i], '@')) == NULL) {
host = argv[i];
! suser = pwd->pw_name;
} else {
*host++ = 0;
suser = argv[i];
if (*suser == '\0')
! suser = pwd->pw_name;
else if (!okname(suser))
continue;
}
--- 356,367 ----
src = ".";
if ((host = strchr(argv[i], '@')) == NULL) {
host = argv[i];
! suser = user;
} else {
*host++ = 0;
suser = argv[i];
if (*suser == '\0')
! suser = user;
else if (!okname(suser))
continue;
}
***************
*** 369,377 ****
rem =
#ifdef KERBEROS
use_kerberos ?
! kerberos(&host, bp, pwd->pw_name, suser) :
#endif
! rcmd(&host, port, pwd->pw_name, suser, bp, 0);
(void)free(bp);
if (rem < 0) {
++errs;
--- 372,380 ----
rem =
#ifdef KERBEROS
use_kerberos ?
! kerberos(&host, bp, user, suser) :
#endif
! rcmd(&host, port, user, suser, bp, 0);
(void)free(bp);
if (rem < 0) {
++errs;
>Audit-Trail:
>Unformatted: