Date: Fri, 4 Dec 1998 21:39:27 -0500 (EST) From: "John W. DeBoskey" <jwd@unx.sas.com> To: freebsd-current@FreeBSD.ORG Subject: Something fishy with telnetd (non-zero initialized static?) Message-ID: <199812050239.VAA02555@bb01f39.unx.sas.com>
next in thread | raw e-mail | index | archive | help
Hi,
The following is from a 3.0-19981202-SNAP system.
When I telnet into this newly installed system, the prompt
I get is:
---------------------------------------------------------
Connected to bb08f01.unx.sas.com.
Escape character is '^]'.
/ (bb08f01.unx.sas.com) (ttyp1)
login:
---------------------------------------------------------
Note the '/' char in column one. Well, I say, "It shouldn't be
like that, it should look like:"
---------------------------------------------------------
Connected to bb08f01.unx.sas.com.
Escape character is '^]'.
FreeBSD/i386 (bb08f01.unx.sas.com) (ttyp1)
login:
---------------------------------------------------------
I have verified that this bug occurs on 2 different installations
of the 3.0-19981202-SNAP.
Too make a long story short, the following code in
/usr/src/libexec/telnetd/utility.c looks to be the fishy
culprit to me (added: 1.8 Sun Feb 2 7:33:50 1997 UTC by davidn):
#ifdef __FreeBSD__
static struct utsname kerninfo;
if (!*kerninfo.sysname)
uname(&kerninfo);
#endif
Well, I ktraced /usr/libexec/telnetd (minor change to inetd.conf),
and sysctl() is never being called, thus I assume that the 'if'
statement is false (should be true).
To prove myself correct, I rebuilt and installed a debug version
of telnetd where I memset() kerninfo to zero and the 5 sysctl() calls
in uname() show up correctly. I wonder if we are getting non-zero
pages mapped in... ???
Below are the relevant portions of the ktrace output.
Any comments, ideas, critiques, etc, are welcome at this point.
Thanks!
John
--- Failing telnetd -------------------------------------
std.230400|230400-baud:\\
:np:sp#230400:
#
# "
3725 telnetd RET read 1024/0x400
3725 telnetd CALL close(0x4)
3725 telnetd RET close 0
3725 telnetd CALL madvise(0x805e000,0x1000,0x5)
3725 telnetd RET madvise 0
*
*
* sysctl() calls missing here
*
*
3725 telnetd CALL ioctl(0x3,TIOCGETA,0x8059d44)
3725 telnetd RET ioctl 0
3725 telnetd CALL ioctl(0x3,TIOCGETA,0x8059d44)
3725 telnetd RET ioctl 0
3725 telnetd CALL write(0,0x80592a0,0xc)
3725 telnetd GIO fd 0 wrote 12 bytes
"\M^?\M-{\^A\M^?\M-z!\^B\M^?\M-p\M^?\M-~""
3725 telnetd RET write 12/0xc
3725 telnetd CALL ioctl(0x3,TIOCSWINSZ,0xefbfd6bc)
3725 telnetd RET ioctl 0
3725 telnetd CALL ioctl(0x3,TIOCGETA,0x8059d44)
3725 telnetd RET ioctl 0
3725 telnetd CALL write(0,0x80592a0,0x38)
3725 telnetd GIO fd 0 wrote 56 bytes
"\M^?\M-z"\^C\^A\0\0\^C\M-b\^C\^D\M^B\^O\^E\M^B\^T\a\M-b\^\\b\M^B\^D\
\M-B\^Z
\M^B\^?\v\M^B\^U\f\M^B\^W\r\M^B\^R\^N\M^B\^V\^O\M^B\^Q\^P\M^B\^S\^Q\
\M^@\M^?\M^?\^R\M^@\M^?\M^?\M^?\M-p"
3725 telnetd RET write 56/0x38
3725 telnetd CALL madvise(0x805c000,0x1000,0x5)
3725 telnetd RET madvise 0
3725 telnetd CALL fork
3725 telnetd RET fork 3726/0xe8e
3725 telnetd CALL select(0x4,0xefbfd7f8,0xefbfd778,0xefbfd6f8,0)
3725 telnetd RET select 2
3725 telnetd CALL read(0,0x8058da0,0x400)
3725 telnetd GIO fd 0 read 6 bytes
"\M^?\M-}\^A\M^?\M-|""
3725 telnetd RET read 6
3725 telnetd CALL write(0,0x80592a0,0x25)
3725 telnetd GIO fd 0 wrote 37 bytes
"\r
/ (bb08f01.unx.sas.com) (ttyp1)\r
\r
"
--- Working telnetd -------------------------------------
std.230400|230400-baud:\\
:np:sp#230400:
#
# "
3721 telnetd RET read 1024/0x400
3721 telnetd CALL close(0x4)
3721 telnetd RET close 0
3721 telnetd CALL madvise(0x8057000,0x1000,0x5)
3721 telnetd RET madvise 0
3721 telnetd CALL __sysctl(0xefbfd5e8,0x2,0x80516b0,0xefbfd5f0,0,0)
3721 telnetd RET __sysctl 0
3721 telnetd CALL __sysctl(0xefbfd5e8,0x2,0x80516d0,0xefbfd5f0,0,0)
3721 telnetd RET __sysctl 0
3721 telnetd CALL __sysctl(0xefbfd5e8,0x2,0x80516f0,0xefbfd5f0,0,0)
3721 telnetd RET __sysctl 0
3721 telnetd CALL __sysctl(0xefbfd5e8,0x2,0x8051710,0xefbfd5f0,0,0)
3721 telnetd RET __sysctl -1 errno 12 Cannot allocate memory
3721 telnetd CALL __sysctl(0xefbfd5e8,0x2,0x8051730,0xefbfd5f0,0,0)
3721 telnetd RET __sysctl 0
3721 telnetd CALL ioctl(0x3,TIOCGETA,0x8052a94)
3721 telnetd RET ioctl 0
3721 telnetd CALL ioctl(0x3,TIOCGETA,0x8052a94)
3721 telnetd RET ioctl 0
3721 telnetd CALL write(0,0x8051ff0,0xc)
3721 telnetd GIO fd 0 wrote 12 bytes
"\M^?\M-{\^A\M^?\M-z!\^B\M^?\M-p\M^?\M-~""
3721 telnetd RET write 12/0xc
3721 telnetd CALL ioctl(0x3,TIOCSWINSZ,0xefbfd664)
3721 telnetd RET ioctl 0
3721 telnetd CALL ioctl(0x3,TIOCGETA,0x8052a94)
3721 telnetd RET ioctl 0
3721 telnetd CALL write(0,0x8051ff0,0x38)
3721 telnetd GIO fd 0 wrote 56 bytes
"\M^?\M-z"\^C\^A\0\0\^C\M-b\^C\^D\M^B\^O\^E\M^B\^T\a\M-b\^\\b\M^B\^D\
\M-B\^Z
\M^B\^?\v\M^B\^U\f\M^B\^W\r\M^B\^R\^N\M^B\^V\^O\M^B\^Q\^P\M^B\^S\^Q\
\M^@\M^?\M^?\^R\M^@\M^?\M^?\M^?\M-p"
3721 telnetd RET write 56/0x38
3721 telnetd CALL madvise(0x8055000,0x1000,0x5)
3721 telnetd RET madvise 0
3721 telnetd CALL fork
3721 telnetd RET fork 3722/0xe8a
3721 telnetd CALL select(0x10,0xefbfd7a8,0xefbfd728,0xefbfd6a8,0)
3721 telnetd RET select 2
3721 telnetd CALL read(0,0x8051af0,0x400)
3721 telnetd GIO fd 0 read 6 bytes
"\M^?\M-}\^A\M^?\M-|""
3721 telnetd RET read 6
3721 telnetd CALL write(0,0x8051ff0,0x36)
3721 telnetd GIO fd 0 wrote 54 bytes
"\r\0\r
FreeBSD/i386 (bb08f01.unx.sas.com) (ttyp1)\r\0\r
\r\0\r
"
3721 telnetd RET write 54/0x36
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812050239.VAA02555>