[krbdev.mit.edu #8671] minor bug in ksu

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[krbdev.mit.edu #8671] minor bug in ksu

Jeffrey Arbuckle via RT
If argc is 0, ksu should crash with a null dereference at line 144
where it does strlen() on argv[0].  I believe that happens with every
program in the MIT krb5 tree, but we have received reports of argc == 0
issues specifically for ksu twice this month, which seems odd.  Out of
curiosity, can you explain how you arrived at this issue?
_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
Reply | Threaded
Open this post in threaded view
|

Re: [krbdev.mit.edu #8671] minor bug in ksu

Jeffrey Arbuckle via RT
No reason, just looking at the code for setuid root programs installed in
RHEL.

On Tue, Apr 24, 2018 at 12:50 PM, Greg Hudson via RT <
[hidden email]> wrote:

> If argc is 0, ksu should crash with a null dereference at line 144
> where it does strlen() on argv[0].  I believe that happens with every
> program in the MIT krb5 tree, but we have received reports of argc == 0
> issues specifically for ksu twice this month, which seems odd.  Out of
> curiosity, can you explain how you arrived at this issue?
>

_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
Reply | Threaded
Open this post in threaded view
|

Re: [krbdev.mit.edu #8671] minor bug in ksu

Jeffrey Arbuckle via RT
In reply to this post by Jeffrey Arbuckle via RT
No reason, just looking at the code for setuid root programs installed in
RHEL.

On Tue, Apr 24, 2018 at 12:50 PM, Greg Hudson via RT <
[hidden email]> wrote:

> If argc is 0, ksu should crash with a null dereference at line 144
> where it does strlen() on argv[0].  I believe that happens with every
> program in the MIT krb5 tree, but we have received reports of argc == 0
> issues specifically for ksu twice this month, which seems odd.  Out of
> curiosity, can you explain how you arrived at this issue?
>

_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs