Buffer overflow and environment passing fixes [originally inspired from
FreeBSD]. We really didn't need the environment fixes, but for the sake of keeping the code as close as possible...
This commit is contained in:
parent
2a0dca4bec
commit
5135a422f1
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: defs.h,v 1.7 1998/04/01 15:05:10 kleink Exp $ */
|
||||
/* $NetBSD: defs.h,v 1.8 2000/11/19 20:17:39 christos Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1989, 1993
|
||||
@ -298,3 +298,8 @@ typedef struct {
|
||||
|
||||
#define his_will_wont_is_changing my_do_dont_is_changing
|
||||
#define his_do_dont_is_changing my_will_wont_is_changing
|
||||
|
||||
/*
|
||||
* Initialization buffer for tty device [16 characters long]
|
||||
*/
|
||||
#define NULL16STR "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: sys_term.c,v 1.18 1999/12/31 12:42:35 tron Exp $ */
|
||||
/* $NetBSD: sys_term.c,v 1.19 2000/11/19 20:17:39 christos Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1989, 1993
|
||||
@ -38,7 +38,7 @@
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)sys_term.c 8.4+1 (Berkeley) 5/30/95";
|
||||
#else
|
||||
__RCSID("$NetBSD: sys_term.c,v 1.18 1999/12/31 12:42:35 tron Exp $");
|
||||
__RCSID("$NetBSD: sys_term.c,v 1.19 2000/11/19 20:17:39 christos Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -482,13 +482,13 @@ getnpty()
|
||||
* Returns the file descriptor of the opened pty.
|
||||
*/
|
||||
#ifndef __GNUC__
|
||||
char *line = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
||||
char *line = NULL16STR;
|
||||
#else
|
||||
static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
||||
static char Xline[] = NULL16STR;
|
||||
char *line = Xline;
|
||||
#endif
|
||||
#ifdef CRAY
|
||||
char *myline = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
||||
char *myline = NULL16STR;
|
||||
#endif /* CRAY */
|
||||
|
||||
#ifdef OPENPTY_PTY
|
||||
@ -522,7 +522,7 @@ int *ptynum;
|
||||
if (p > 0) {
|
||||
grantpt(p);
|
||||
unlockpt(p);
|
||||
strcpy(line, ptsname(p));
|
||||
(void)strlcpy(line, ptsname(p), sizeof(NULL16STR));
|
||||
return(p);
|
||||
}
|
||||
|
||||
@ -1601,7 +1601,7 @@ start_login(host, autologin, name)
|
||||
#endif
|
||||
#ifdef SOLARIS
|
||||
char *term;
|
||||
char termbuf[64];
|
||||
char termnamebuf[64];
|
||||
#endif
|
||||
|
||||
#ifdef UTMPX
|
||||
@ -1655,9 +1655,10 @@ start_login(host, autologin, name)
|
||||
if (term == NULL || term[0] == 0) {
|
||||
term = "-";
|
||||
} else {
|
||||
strcpy(termbuf, "TERM=");
|
||||
strncat(termbuf, term, sizeof(termbuf) - 6);
|
||||
term = termbuf;
|
||||
(void)strcpy(termnamebuf, "TERM=");
|
||||
(void)strlcpy(&termnamebuf[5], term,
|
||||
sizeof(termnamebuf) - 6);
|
||||
term = termnamebuf;
|
||||
}
|
||||
argv = addarg(argv, term);
|
||||
#endif
|
||||
@ -1893,6 +1894,17 @@ scrub_env()
|
||||
if (strncmp(*cpp, "LD_", 3) &&
|
||||
strncmp(*cpp, "_RLD_", 5) &&
|
||||
strncmp(*cpp, "LIBPATH=", 8) &&
|
||||
strncmp(*cpp, "LOCALDOMAIN=", 12) &&
|
||||
strncmp(*cpp, "RES_OPTIONS=", 12) &&
|
||||
strncmp(*cpp, "TERMINFO=", 9) &&
|
||||
strncmp(*cpp, "TERMINFO_DIRS=", 14) &&
|
||||
/*
|
||||
* We dissallow TERMPATH and TERMCAP
|
||||
* entries that reference files.
|
||||
*/
|
||||
strncmp(*cpp, "TERMPATH=", 9) &&
|
||||
strncmp(*cpp, "TERMCAP=/", 9) &&
|
||||
strncmp(*cpp, "ENV=", 4) &&
|
||||
strncmp(*cpp, "IFS=", 4))
|
||||
*cpp2++ = *cpp;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: telnetd.c,v 1.22 2000/08/18 03:25:52 itojun Exp $ */
|
||||
/* $NetBSD: telnetd.c,v 1.23 2000/11/19 20:17:39 christos Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (C) 1997 and 1998 WIDE Project.
|
||||
@ -69,7 +69,7 @@ __COPYRIGHT("@(#) Copyright (c) 1989, 1993\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)telnetd.c 8.4 (Berkeley) 5/30/95";
|
||||
#else
|
||||
__RCSID("$NetBSD: telnetd.c,v 1.22 2000/08/18 03:25:52 itojun Exp $");
|
||||
__RCSID("$NetBSD: telnetd.c,v 1.23 2000/11/19 20:17:39 christos Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -922,13 +922,12 @@ doit(who)
|
||||
#else
|
||||
for (;;) {
|
||||
char *lp;
|
||||
extern char *line;
|
||||
|
||||
if ((lp = getpty()) == NULL)
|
||||
fatal(net, "Out of ptys");
|
||||
|
||||
if ((pty = open(lp, 2)) >= 0) {
|
||||
strcpy(line,lp);
|
||||
(void)strlcpy(line, lp, sizeof(NULL16STR));
|
||||
line[5] = 't';
|
||||
break;
|
||||
}
|
||||
@ -1239,7 +1238,7 @@ telnet(f, p, host)
|
||||
IM = getstr("im", &cp);
|
||||
IF = getstr("if", &cp);
|
||||
if (HN && *HN)
|
||||
(void) strcpy(host_name, HN);
|
||||
(void)strlcpy(host_name, HN, sizeof(host_name));
|
||||
if (IM == 0)
|
||||
IM = "";
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user