bug in UNaXcess "getuser()" [user.c]
Gary S. Trujillo
gst at talcott.HARVARD.EDU
Sat Aug 2 09:20:57 AEST 1986
Oops. I found a problem with UNaXcess, but I got the fix wrong. It has
to do with a case in which the "userfile" has an entry which is matched
in getuser() which has too few colons. I believe that the test at line
51 should read:
if (ncolon < 6) {
Otherwise, an entry with fewer than 6 colons would be allowed, and one
of the for loops in the code that follows could go into a long search
through memory looking for a colon, clobbering various things as it goes.
I have just started looking at the code, so I might find additional problems
later. If anyone else out there is working on the code and finds problems,
please post them here, or let me know via mail. Thanks.
--
Gary Trujillo
(harvard!wjh12!gst)
More information about the Comp.sources.bugs
mailing list