[3025] in Kerberos-V5-bugs
krb5-libs/680: prompter_posix() does not reset terminal on interrupt
daemon@ATHENA.MIT.EDU (fcusack@iconnet.net)
Mon Dec 28 13:17:09 1998
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, fcusack@iconnet.net
Date: Mon, 28 Dec 1998 13:17:43 -0500 (EST)
From: fcusack@iconnet.net
Reply-To: fcusack@iconnet.net
To: krb5-bugs@MIT.EDU
Cc: fcusack@iconnet.net
>Number: 680
>Category: krb5-libs
>Synopsis: krb5_prompter_posix does not restore terms setting on interrupt
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Dec 28 13:17:00 EST 1998
>Last-Modified:
>Originator: Frank Cusack
>Organization:
Icon CMT Corp.
>Release: krb5-current-19981119
>Environment:
Unix
System: SunOS ratbert 5.6 Generic_105181-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4
>Description:
Signal handler used in krb5_prompter_posix() does not restore
terminal echo settings. This will leave the terminal in a
"non-echo" state if user sends an interrupt while the
library is reading a hidden password.
>How-To-Repeat:
Run kinit (using the new creds API) and type ^C when asked
for the password.
>Fix:
fd and save_control are declared volatile b/c of setjmp()/longjmp()
semantics.
Index: prompter.c
===================================================================
RCS file: /icon/d04/cvsroot/3rd-party/krb5-19981119/lib/krb5/os/prompter.c,v
retrieving revision 1.3
diff -u -r1.3 prompter.c
--- prompter.c 1998/12/28 17:44:50 1.3
+++ prompter.c 1998/12/28 18:10:57
@@ -38,8 +38,9 @@
krb5_error_code errcode;
int i;
#ifndef ECHO_PASSWORD
- struct termios echo_control, save_control;
- int fd;
+ struct termios echo_control;
+ volatile struct termios save_control;
+ volatile int fd;
#endif
if (name) {
@@ -52,8 +53,23 @@
fputs("\n", stdout);
}
+#ifndef ECHO_PASSWORD
+ fd = fileno(stdin);
+
+ if (isatty(fd) == 1) {
+ if (tcgetattr(fd, &echo_control) == -1)
+ return errno;
+
+ save_control = echo_control;
+ echo_control.c_lflag &= ~(ECHO|ECHONL);
+ }
+#endif /* ECHO_PASSWORD */
+
if (setjmp(pwd_jump)) {
errcode = KRB5_LIBOS_PWDINTR; /* we were interrupted... */
+#ifndef ECHO_PASSWORD
+ (void) tcsetattr(fd, TCSANOW, &save_control);
+#endif /* ECHO_PASSWORD */
goto cleanup;
}
/* save intrfunc */
@@ -62,16 +78,7 @@
for (i=0; i<num_prompts; i++) {
#ifndef ECHO_PASSWORD
if (prompts[i].hidden) {
- /* get the file descriptor associated with stdin */
- fd = fileno(stdin);
-
if (isatty(fd) == 1) {
- if (tcgetattr(fd, &echo_control) == -1)
- return errno;
-
- save_control = echo_control;
- echo_control.c_lflag &= ~(ECHO|ECHONL);
-
if (tcsetattr(fd, TCSANOW, &echo_control) == -1)
return errno;
}
@@ -110,7 +117,7 @@
if ((tcsetattr(fd, TCSANOW, &save_control) == -1) &&
(errcode == 0))
return errno;
-#endif
+#endif /* ECHO_PASSWORD */
}
errcode = 0;
>Audit-Trail:
>Unformatted:
