uuxqt bug
Steve Harpster
steve at tellab3.UUCP
Fri Jun 1 01:27:50 AEST 1984
The following is a bug I discovered yesterday which caused our uuxqt to
die. I am reletively new to the net so if this bug has been already
hashed out, I apologize.
Subject: Uuxqt hangs
Index: usr.bin/uucp/uuxqt.c 4.2BSD
Description:
Uuxqt dies with an ASSERT XQTDIR ERROR when an execute file has
a name greater than 14 characters. When in debug mode, the full
pathname of the execute file shown is garbage.
Repeat-By:
uux host!cmd very_long_filename
Fix:
The problem is in mvxfiles() in the file uuxqt.c. This is where
the execute files are moved into XQTDIR. Notice that the line
if (sscanf(&buf[1], "%s%s", ffile, tfile) < 2)
doesn't restrict the length of ffile or tfile. Tfile is declared
to be a character array of length NAMESIZE (== 15). This is fine
on older versions of Unix where the maximum name of a file was
guaranteed to be less than or equal to 14; however, in 4.2bsd,
filenames can be up to 255 (see MAXNAMLEN in dir(5)). This results
in blowing out the array tfile thereby corrupting tfull (which
holds the full pathname of the execute file.
My fix was to simply change the define NAMESIZE in uucp.h from 15
to 255. I suppose you should also up MAXFULLNAME which is currently
set to 250 but that really seems ok for now (at least for us).
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list