[2348] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

pending/108: k5b7 ftpd

daemon@ATHENA.MIT.EDU (John Kilburg)
Fri Oct 11 19:52:07 1996

Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: gnats-admin@rt-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, John Kilburg <john@bok.physics.unlv.edu>
Date: Fri, 11 Oct 1996 16:51:18 -0700
From: John Kilburg <john@bok.physics.unlv.edu>
To: krb5-bugs@MIT.EDU


>Number:         108
>Category:       pending
>Synopsis:       k5b7 ftpd
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    gnats-admin
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Fri Oct e 19:52:00 EDT 1996
>Last-Modified:
>Originator:
>Organization:
>Release:
>Environment:
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
I think I found a problem in gssftp/ftpd...

I tried running ftpd on the alphas but it failed on things like 'ls'.
I tracked this down to a failure in secure_fprintf().  Well, at
least when I made it use STDARG like the other variable argument
functions ftpd started working better on the alphas.  This is
running DEC UNIX 3.2C (cc).  It also seems to work fine on SGI
IRIX 6.2 (cc) and SunOS 4.1.x (gcc).  I'm having trouble
with ftpd on AIX 3.2.5...I guess seteuid works differently on AIX
or something.

							-john


*** krb5-beta7/src/appl/gssftp/ftpd/ftpd.c	Fri Oct 11 16:19:53 1996
--- krb5-beta7/src/appl/gssftp/ftpd/ftpd.c.old	Fri Oct 11 16:19:28 1996
***************
*** 2078,2111 ****
   *	-1 on error
   *	-2 on security error
   */
- #ifdef STDARG
- secure_fprintf(FILE *stream, char *fmt, ...)
- #else
  secure_fprintf(stream, fmt, p1, p2, p3, p4, p5)
  FILE *stream;
  char *fmt;
- #endif
  {
!         char s[FTP_BUFSIZ];
!         int rval;
! #ifdef STDARG
!         va_list ap;
  
!         va_start(ap, fmt);
!         if (level == PROT_C) rval = vfprintf(stream, fmt, ap);
!         else {
!                 vsprintf(s, fmt, ap);
!                 rval = secure_write(fileno(stream), s, strlen(s));
!         }
!         va_end(ap);
! 
!         return(rval);
! #else
!         if (level == PROT_C)
!                 return(fprintf(stream, fmt, p1, p2, p3, p4, p5));
!         sprintf(s, fmt, p1, p2, p3, p4, p5);
!         return(secure_write(fileno(stream), s, strlen(s)));
! #endif
  }
  
  send_file_list(whichfiles)
--- 2078,2093 ----
   *	-1 on error
   *	-2 on security error
   */
  secure_fprintf(stream, fmt, p1, p2, p3, p4, p5)
  FILE *stream;
  char *fmt;
  {
! 	char s[FTP_BUFSIZ];
  
! 	if (level == PROT_C)
! 		return(fprintf(stream, fmt, p1, p2, p3, p4, p5));
! 	sprintf(s, fmt, p1, p2, p3, p4, p5);
! 	return(secure_write(fileno(stream), s, strlen(s)));
  }
  
  send_file_list(whichfiles)
home help back first fref pref prev next nref lref last post