Date: Sat, 5 Apr 1997 19:17:37 +0200 (CEST) From: blank@fox.uni-trier.de To: FreeBSD-gnats-submit@freebsd.org Subject: bin/3206: FreeBSD 2.2-STABLE: su seg-faults on invalid command line Message-ID: <199704051717.TAA20407@sliphost37.uni-trier.de> Resent-Message-ID: <199704051730.JAA17959@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 3206 >Category: bin >Synopsis: su seg-faults when being invoked with an invalid command line >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Apr 5 09:30:00 PST 1997 >Last-Modified: >Originator: Sascha Blank >Organization: Computer Center of the University of Trier, Germany >Release: FreeBSD 2.2-STABLE i386 >Environment: FreeBSD 2.2-STABLE, current as of ctm-src-2.2 #0226 ident /usr/src/usr.bin/su/su.c says: $Id: su.c,v 1.14.2.1 1997/03/07 09:01:23 joerg Exp $ >Description: Calling su with an invalid command line like this one su -- or this one su --m makes su quit with a segmentation fault: Apr 5 19:00:56 sliphost37 /kernel: pid 20268 (su), uid 0: exited on signal 11 >How-To-Repeat: See above. >Fix: The reason for the fault is easy to find. The variable "user" is supposed to hold the user name given on the command line (or "root" if none is given). In case of an invalied argument like above "user" is set to NULL, which will later make the "getpwnam(user)"-call fail. My little diff below fixes this problem by explicitely checking if "user" has been set to NULL. If so, it makes the program show "usage..." and exit properly. *** su.c.CURRENT Sat Apr 5 18:55:03 1997 --- su.c Sat Apr 5 19:06:21 1997 *************** *** 137,142 **** --- 137,148 ---- break; } + if(user == NULL) { + (void)fprintf(stderr, "usage: su [%s] [login]\n", + ARGSTR); + exit(1); + } + if((nargv = malloc (sizeof (char *) * (argc + 4))) == NULL) { errx(1, "malloc failure"); } -- Sascha Blank - mailto:blank@fox.uni-trier.de Student and System Administrator at the University of Trier, Germany Finger my account to receive my Public PGP key I don't speak for my employers, they don't pay me enough for that. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199704051717.TAA20407>