Mail Archives: cygwin/2014/05/07/11:25:01

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Wed, 7 May 2014 17:24:36 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: snapshot 05/05: ssh segmentation fault within screen
Message-ID: <20140507152436.GO30918@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
References: <5368525F DOT 2070301 AT shaddybaddah DOT name> <20140506163936 DOT GY30918 AT calimero DOT vinschen DOT de> <536920BB DOT 3080102 AT redhat DOT com> <avikm99d63ccuk9lt1v6l39uo89c6dksfr AT 4ax DOT com>
MIME-Version: 1.0
In-Reply-To: <avikm99d63ccuk9lt1v6l39uo89c6dksfr@4ax.com>
User-Agent: Mutt/1.5.21 (2010-09-15)


On May  7 11:16, Andrew Schulman wrote:
> > On 05/06/2014 10:39 AM, Corinna Vinschen wrote:
> >
> > > The problem, which I totally not realized since I started implementing
> > > this stuff is, that by propagating this cache to child processes, said
> > > child processes suffer from what the parent process does to the passwd
> > > structures in the cache.
> > >
> > > Screen seems to call getpwuid and then sets some of the pointers in the
> > > passwd structure it got from the call to NULL, apparently for some sort
> > > of security, this way overwriting the cached passwd struct for the
> >
> > Bug in screen.  POSIX states:
> >
> > http://pubs.opengroup.org/onlinepubs/9699919799/functions/getpwuid.html
> >
> > The application shall not modify the structure to which the return value
> > points, nor any storage areas pointed to by pointers within the
> > structure. The returned pointer, and pointers within the structure,
> > might be invalidated or the structure or the storage areas might be
> > overwritten by a subsequent call to getpwent(), getpwnam(), or getpwuid().
>
> Fixing this would be well out of my depth, but I'll gladly include any
> patches to screen that fix it.

Never looked into the sources, but if you see something along the lines
of

   pw_passwd = NULL;

it's what I observed.

> Meanwhile there's a new release of screen (4.2.1) upstream, about one year
> newer than the last commit I packaged for Cygwin, so maybe this problem has
> already been addressed.  I'll get the new release out ASAP so we can test.

For testing, please keep in mind to test with the latest snapshot
showing the problem.  That would be the 2014-05-05 snapshot.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
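
Added example, not part of the original message and not code from screen or Cygwin: one way to follow the POSIX rule quoted above is to copy the fields a program needs out of the entry getpwuid() returns into storage it owns, instead of writing NULL into the returned structure. The names user_info, copy_field, user_info_from_pw, lookup_user and demo_cache_intact are hypothetical, and the passwd entry in the demo is constructed.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Caller-owned snapshot of the fields a program needs. It has no password
   member, so nothing has to be set to NULL. All names are hypothetical. */
struct user_info {
    uid_t uid;
    char name[64];
    char dir[256];
    char shell[256];
};

/* Copy one string field; 0 on success, -1 if it is NULL or would not fit. */
static int copy_field(char *dst, size_t cap, const char *src)
{
    int n = src ? snprintf(dst, cap, "%s", src) : -1;
    return (n >= 0 && (size_t)n < cap) ? 0 : -1;
}

/* Read from the libc-owned entry through a const pointer; never write to it. */
int user_info_from_pw(struct user_info *out, const struct passwd *pw)
{
    if (pw == NULL)
        return -1;
    memset(out, 0, sizeof *out);
    out->uid = pw->pw_uid;
    if (copy_field(out->name, sizeof out->name, pw->pw_name) != 0
        || copy_field(out->dir, sizeof out->dir, pw->pw_dir) != 0
        || copy_field(out->shell, sizeof out->shell, pw->pw_shell) != 0)
        return -1;
    return 0;
}

int lookup_user(struct user_info *out, uid_t uid)
{
    return user_info_from_pw(out, getpwuid(uid));  /* failed lookup -> -1 */
}

/* Constructed entry standing in for a cached one; 1 if it stays intact. */
int demo_cache_intact(void)
{
    static char name[] = "alice", hash[] = "x", dir[] = "/home/alice", sh[] = "/bin/sh";
    struct passwd cached = { .pw_name = name, .pw_passwd = hash,
                             .pw_uid = 1000, .pw_dir = dir, .pw_shell = sh };
    struct user_info ui;
    return user_info_from_pw(&ui, &cached) == 0 && cached.pw_passwd == hash
        && strcmp(ui.name, "alice") == 0 && ui.uid == 1000;
}
```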
