Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-8]: src/libexec/telnetd Pull up following revision(s) (requested ...



details:   https://anonhg.NetBSD.org/src/rev/3e0445b63762
branches:  netbsd-8
changeset: 369733:3e0445b63762
user:      martin <martin%NetBSD.org@localhost>
date:      Mon Aug 29 16:14:57 2022 +0000

description:
Pull up following revision(s) (requested by dholland in ticket #1757):

        libexec/telnetd/telnetd.c: revision 1.58 (via patch)

telnetd: fix the crash that's been talked about the past couple days.

(Move initialization of the slc table earlier so it doesn't get
accessed before that happens.)

Calling the crash a DoS or security problem is a bit overwrought; it's
just a bug.

diffstat:

 libexec/telnetd/telnetd.c |  14 +++++++-------
 1 files changed, 7 insertions(+), 7 deletions(-)

diffs (42 lines):

diff -r 184050ba55a4 -r 3e0445b63762 libexec/telnetd/telnetd.c
--- a/libexec/telnetd/telnetd.c Sun Aug 28 13:32:34 2022 +0000
+++ b/libexec/telnetd/telnetd.c Mon Aug 29 16:14:57 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: telnetd.c,v 1.55 2014/02/27 18:20:21 joerg Exp $       */
+/*     $NetBSD: telnetd.c,v 1.55.18.1 2022/08/29 16:14:57 martin Exp $ */
 
 /*
  * Copyright (C) 1997 and 1998 WIDE Project.
@@ -65,7 +65,7 @@
 #if 0
 static char sccsid[] = "@(#)telnetd.c  8.4 (Berkeley) 5/30/95";
 #else
-__RCSID("$NetBSD: telnetd.c,v 1.55 2014/02/27 18:20:21 joerg Exp $");
+__RCSID("$NetBSD: telnetd.c,v 1.55.18.1 2022/08/29 16:14:57 martin Exp $");
 #endif
 #endif /* not lint */
 
@@ -682,6 +682,11 @@
        char user_name[256];
 
        /*
+        * Initialize the slc mapping table.
+        */
+       get_slc_defaults();
+
+       /*
         * Find an available pty to use.
         */
        pty = getpty(&ptynum);
@@ -748,11 +753,6 @@
        struct pollfd set[2];
 
        /*
-        * Initialize the slc mapping table.
-        */
-       get_slc_defaults();
-
-       /*
         * Do some tests where it is desireable to wait for a response.
         * Rather than doing them slowly, one at a time, do them all
         * at once.



Home | Main Index | Thread Index | Old Index