Bugzilla – Attachment 3110 Details for
Bug 2777
sshd crashes when getpwnam result is returned by libnss_systemd
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
keep scrubbed copy of passwd struct
bz2777.diff (text/plain), 987 bytes, created by
Damien Miller
on 2018-01-05 14:58:27 AEDT
(
hide
)
Description:
keep scrubbed copy of passwd struct
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2018-01-05 14:58:27 AEDT
Size:
987 bytes
patch
obsolete
>commit e5b4d1ffe2f523a2a3c995f1aa5fc7130325976c >Author: Damien Miller <djm@mindrot.org> >Date: Fri Jan 5 14:58:05 2018 +1100 > > bz2777 > >diff --git a/sshd.c b/sshd.c >index a8c4e5d..e0cc58f 100644 >--- a/sshd.c >+++ b/sshd.c >@@ -502,8 +502,9 @@ privsep_preauth_child(void) > if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) > fatal("Privilege separation user %s does not exist", > SSH_PRIVSEP_USER); >- explicit_bzero(pw->pw_passwd, strlen(pw->pw_passwd)); >+ pw = pwcopy(pw); /* Ensure mutable */ > endpwent(); >+ freezero(pw->pw_passwd, strlen(pw->pw_passwd)); > > /* Change our root directory */ > if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) >@@ -1674,6 +1675,7 @@ main(int ac, char **av) > if (getpwnam(SSH_PRIVSEP_USER) == NULL) > fatal("Privilege separation user %s does not exist", > SSH_PRIVSEP_USER); >+ endpwent(); > if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) || > (S_ISDIR(st.st_mode) == 0)) > fatal("Missing privilege separation directory: %s",
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3110">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2777
: 3110