Bug 643 - sshd bus faults (64bit) or segfaults (32bit) when reading /etc/default/login
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd
Version: -current
Hardware: UltraSPARC Solaris
Importance: P1 critical
Assignee: OpenSSH Bugzilla mailing list
Reported: 2003-09-17 10:13 AEST by Darren Tucker
Modified: 2004-04-14 12:24 AEST

Attachments
Fix size_t -> u_int (512 bytes, patch)
2003-09-17 10:23 AEST, Darren Tucker
Check for missing /etc/default/login (763 bytes, patch)
2003-09-17 23:35 AEST, Darren Tucker

Description Darren Tucker 2003-09-17 10:13:56 AEST
This can be worked around by commenting out the line in config.h that contains 
"HAVE_ETC_DEFAULT_LOGIN" and recompiling.
Comment 1 Darren Tucker 2003-09-17 10:23:53 AEST
Created attachment 402 [details]
Fix size_t -> u_int
Comment 2 Darren Tucker 2003-09-17 23:35:32 AEST
Created attachment 410 [details]
Check for missing /etc/default/login

Test for NULL pointer deref when /etc/default/login does not exist.
Patch from Georg Oppenberg (georg.oppenberg at deu mci com)
Comment 3 Andreas Kuntzagk 2003-09-18 19:08:30 AEST
While the workaround is fine if you know at compile time that
/etc/default/login does not exist or is not readable, it creates problems if
this changes at a later time.

E.g. using the TITAN system hardening scripts sets this to non-user-readable.
Login to sshd will silently fail without an explanation.
Had a hard time figuring out the cause of this.
Comment 4 Darren Tucker 2003-09-18 19:44:21 AEST
Agreed about the work-around, but attachment id #410 seems to solve it properly
for me (tested Solaris 8, sun4m, unreadable and missing file).  If
/etc/default/login is not readable by the user, you won't get the settings in
it, though.
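
Added example (not part of the bug thread and not OpenSSH's code): a defensive reader for a KEY=value file such as /etc/default/login that treats a missing or unreadable file as "no settings" instead of using a NULL FILE pointer, the failure mode discussed in comments 2 to 4. The names `lookup_default`, `write_sample`, the status enum and the sample path and contents are assumptions made for this illustration.

```c
/* Added example, not OpenSSH code: look up KEY in a KEY=value defaults file. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

enum def_status { DEF_FOUND, DEF_NOKEY, DEF_NOFILE, DEF_ERROR };

/* Hypothetical helper: copy the value of key from path into out[outlen]. */
enum def_status lookup_default(const char *path, const char *key, char *out, size_t outlen)
{
	char line[1024];
	size_t klen = strlen(key);
	enum def_status st = DEF_NOKEY;
	FILE *f = fopen(path, "r");

	if (f == NULL) /* missing or unreadable file: report it, never touch f */
		return (errno == ENOENT || errno == EACCES) ? DEF_NOFILE : DEF_ERROR;
	while (fgets(line, sizeof(line), f) != NULL) {
		char *p = line + strspn(line, " \t");
		if (strchr(line, '\n') == NULL && !feof(f)) { st = DEF_ERROR; break; } /* over-long line */
		p[strcspn(p, "\r\n")] = '\0';
		if (*p == '#' || strncmp(p, key, klen) != 0 || p[klen] != '=')
			continue;	/* comment, blank line or another key */
		if (strlen(p + klen + 1) >= outlen) { st = DEF_ERROR; break; } /* refuse to truncate */
		strcpy(out, p + klen + 1);
		st = DEF_FOUND;	/* last assignment wins */
	}
	fclose(f);
	return st;
}

/* Write constructed sample content to path; returns 0 on success. */
int write_sample(const char *path)
{
	FILE *f = fopen(path, "w");
	if (f == NULL) return -1;
	fputs("# constructed sample\nPATH=/usr/bin:/bin\nUMASK=022\n", f);
	return fclose(f);
}

int main(void)
{
	char v[64];
	const char *sample = "/tmp/default_login.sample"; /* constructed path */
	if (lookup_default("/nonexistent/login", "PATH", v, sizeof(v)) == DEF_NOFILE)
		puts("missing file: defaults skipped, no crash");
	if (write_sample(sample) == 0 && lookup_default(sample, "PATH", v, sizeof(v)) == DEF_FOUND)
		printf("PATH=%s\n", v);
	return 0;
}
```

A caller that gets `DEF_NOFILE` can log the reason and continue with built-in defaults, which avoids the silent login failure described in comment 3.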
Comment 5 Darren Tucker 2003-09-19 20:57:53 AEST
Have committed patch to both HEAD and 3.7 branch.
Comment 6 Damien Miller 2004-04-14 12:24:19 AEST
Mass change of RESOLVED bugs to CLOSED