bugzilla-daemon at bugzilla.mindrot.org
2010-Mar-31 17:44 UTC
[Bug 1748] New: getcwd being called with invalid argument in servconf.c
https://bugzilla.mindrot.org/show_bug.cgi?id=1748 Summary: getcwd being called with invalid argument in servconf.c Product: Portable OpenSSH Version: 5.4p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: dan.mitton at ymp.gov In servconf.c, the code segment... char * derelativise_path(const char *path) { char *expanded, *ret, *cwd; expanded = tilde_expand_filename(path, getuid()); if (*expanded == '/') return expanded; if ((cwd = getcwd(NULL, 0)) == NULL) fatal("%s: getcwd: %s", __func__, strerror(errno)); xasprintf(&ret, "%s/%s", cwd, expanded); xfree(cwd); xfree(expanded); return ret; } is calling getcwd(NULL, 0). In the man pages from Solaris, is says... ERRORS The getcwd() function will fail if: EINVAL The size argument is equal to 0. I suspect that this should be PATH_MAX, rather then 0. This routine, and hence the error, does not exist in 5.3p1. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Apr-09 00:30 UTC
[Bug 1748] getcwd being called with invalid argument in servconf.c
https://bugzilla.mindrot.org/show_bug.cgi?id=1748 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au Blocks| |1743 Status|NEW |RESOLVED Resolution| |FIXED --- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2010-04-09 10:30:27 EST --- Thanks for the report. This has been fixed and will be in the 5.5p1 release. You can confirm by testing a recent snapshot (http://www.mindrot.org/openssh_snap/). -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Apr-16 05:50 UTC
[Bug 1748] getcwd being called with invalid argument in servconf.c
https://bugzilla.mindrot.org/show_bug.cgi?id=1748 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> 2010-04-16 15:50:23 EST --- Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1 -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 1739] New: getcwd does not support size zero argument on Solaris
- Potential problem in derelativise_path
- possible deadcodes in sources
- [Bug 2278] New: 'configure --disable-lastlog' should mark PrintLastLog as unsupported in servconf.c
- [PATCH] dash: Fix "pwd -P" breakage due to getcwd(0, 0) usage