This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: snapshot 05/05: ssh segmentation fault within screen

> On 05/06/2014 10:39 AM, Corinna Vinschen wrote:
> > The problem, which I totally not realized since I started implementing
> > this stuff is, that by propagating this cache to child processes, said
> > child processes suffer from what the parent process does to the passwd
> > structures in the cache.
> > 
> > Screen seems to call getpwuid and then sets some of the pointers in the
> > passwd structure it got from the call to NULL, apparently for some sort
> > of security, this way overwriting the cached passwd struct for the
> Bug in screen.  POSIX states:
> The application shall not modify the structure to which the return value
> points, nor any storage areas pointed to by pointers within the
> structure. The returned pointer, and pointers within the structure,
> might be invalidated or the structure or the storage areas might be
> overwritten by a subsequent call to getpwent(), getpwnam(), or getpwuid().

Fixing this would be well out of my depth, but I'll gladly include any
patches to screen that fix it.

Meanwhile there's a new release of screen (4.2.1) upstream, about one year
newer than the last commit I packaged for Cygwin, so maybe this problem has
already been addressed.  I'll get the new release out ASAP so we can test.


Problem reports:
Unsubscribe info:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]