Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-9]: src/libexec/telnetd Pull up following revision(s) (requested ...



details:   https://anonhg.NetBSD.org/src/rev/4bb0151331c3
branches:  netbsd-9
changeset: 369729:4bb0151331c3
user:      martin <martin%NetBSD.org@localhost>
date:      Mon Aug 29 16:13:25 2022 +0000

description:
Pull up following revision(s) (requested by dholland in ticket #1508):

        libexec/telnetd/telnetd.c: revision 1.58 (via patch)

telnetd: fix the crash that's been talked about the past couple days.

(Move initialization of the slc table earlier so it doesn't get
accessed before that happens.)

Calling the crash a DoS or security problem is a bit overwrought; it's
just a bug.

diffstat:

 libexec/telnetd/telnetd.c |  14 +++++++-------
 1 files changed, 7 insertions(+), 7 deletions(-)

diffs (42 lines):

diff -r 9b04eb93471e -r 4bb0151331c3 libexec/telnetd/telnetd.c
--- a/libexec/telnetd/telnetd.c Mon Aug 29 16:04:26 2022 +0000
+++ b/libexec/telnetd/telnetd.c Mon Aug 29 16:13:25 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: telnetd.c,v 1.55.28.1 2019/08/16 19:12:46 martin Exp $ */
+/*     $NetBSD: telnetd.c,v 1.55.28.2 2022/08/29 16:13:25 martin Exp $ */
 
 /*
  * Copyright (C) 1997 and 1998 WIDE Project.
@@ -65,7 +65,7 @@
 #if 0
 static char sccsid[] = "@(#)telnetd.c  8.4 (Berkeley) 5/30/95";
 #else
-__RCSID("$NetBSD: telnetd.c,v 1.55.28.1 2019/08/16 19:12:46 martin Exp $");
+__RCSID("$NetBSD: telnetd.c,v 1.55.28.2 2022/08/29 16:13:25 martin Exp $");
 #endif
 #endif /* not lint */
 
@@ -678,6 +678,11 @@
        char user_name[256];
 
        /*
+        * Initialize the slc mapping table.
+        */
+       get_slc_defaults();
+
+       /*
         * Find an available pty to use.
         */
        pty = getpty(&ptynum);
@@ -744,11 +749,6 @@
        struct pollfd set[2];
 
        /*
-        * Initialize the slc mapping table.
-        */
-       get_slc_defaults();
-
-       /*
         * Do some tests where it is desireable to wait for a response.
         * Rather than doing them slowly, one at a time, do them all
         * at once.



Home | Main Index | Thread Index | Old Index