[2848] in Kerberos-V5-bugs
pty/520: rlogin fails due to pty_getpty() bug
daemon@ATHENA.MIT.EDU (kenstir@senteinc.com)
Tue Dec 30 15:03:51 1997
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: hartmans@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, kcox@senteinc.com
Date: Tue, 30 Dec 1997 15:01:44 -0500
From: kenstir@senteinc.com
Reply-To: kcox@senteinc.com
To: krb5-bugs@MIT.EDU
>Number: 520
>Category: pty
>Synopsis: rlogin fails due to pty_getpty() bug
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: hartmans
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Dec 30 15:02:01 EST 1997
>Last-Modified:
>Originator: Ken Cox
>Organization:
--
Kenneth H. Cox
Software Guy
Sente, Inc.
>Release: krb5-1.0.4
>Environment:
System: Linux kinsman.senteinc.com 2.0.30 #1 Wed Jun 4 15:02:33 EDT 1997 i586 unknown
Architecture: i586
>Description:
The klogind daemon was failing in pty_getpty() because it was
trying to open ptys with names of "/dev/ptyXp0". Here is a patch which
fixes the problem.
Oddly enough, this bug was not present in the krb5-1.0pl1 release.
>How-To-Repeat:
>Fix:
--- util/pty/getpty.c.dist Thu Dec 4 22:47:37 1997
+++ util/pty/getpty.c Tue Dec 30 14:43:32 1997
@@ -111,8 +111,10 @@
} else {
for (cp = "pqrstuvwxyzPQRST";*cp; cp++) {
sprintf(slavebuf,"/dev/ptyXX");
- slavebuf[sizeof("/dev/pty")] = *cp;
- slavebuf[sizeof("/dev/ptyp")] = '0';
+ /*slavebuf[sizeof("/dev/pty")] = *cp;*/
+ slavebuf[sizeof("/dev/pty") - 1] = *cp; /* 12/30/97 kenstir */
+ /*slavebuf[sizeof("/dev/ptyp")] = '0';*/
+ slavebuf[sizeof("/dev/ptyp") - 1] = '0'; /* 12/30/97 kenstir */
if (stat(slavebuf, &stb) < 0)
break;
for (i = 0; i < 16; i++) {
>Audit-Trail:
>Unformatted:
