[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CVS_RSH env-var feature patch
From: |
Ellison, Martin [IT] |
Subject: |
RE: CVS_RSH env-var feature patch |
Date: |
Mon, 3 Sep 2001 09:09:50 +1000 |
I notice that you have redimensioned argv without changing any other code.
Does this mean that the code is susceptible to an overrun attack?
> -----Original Message-----
> From: Daniel Hiltgen [mailto:dhiltgen@ebay.sun.com]
> Sent: Saturday, 1 September 2001 5:25
> To: bug-cvs@gnu.org
> Subject: CVS_RSH env-var feature patch
>
>
> Existing behavior: The entire environment variable is treated as
> argv[0] for the fork, so you can not specify command arguments within
> the variable.
>
> Fix: Use strtok to tokenize the env-var so that multiple arguments
> show up as argv[0], argv[1], etc. This also works for the scenario
> where there is only a command and no arguments.
>
> This is very useful for people who want to use ssh as the plumbing,
> since ssh often requires multiple arguments to get the job done.
>
>
>
> *** cvs-1.11/src/client.c Thu Jul 6 09:20:41 2000
> --- cvs-1.11-args/src/client.c Thu Aug 30 10:49:17 2001
> ***************
> *** 4792,4801 ****
> sprintf (command, "%s server", cvs_server);
>
> {
> ! char *argv[10];
> char **p = argv;
>
> ! *p++ = cvs_rsh;
> *p++ = CVSroot_hostname;
>
> /* If the login names differ between client and server
> --- 4792,4805 ----
> sprintf (command, "%s server", cvs_server);
>
> {
> ! char *argv[30];
> char **p = argv;
>
> ! /* Check for flags in CVS_RSH */
> ! *p++ = strtok(cvs_rsh, " ");
> ! while(*p = strtok(0, " ")) {
> ! *p++;
> ! }
> *p++ = CVSroot_hostname;
>
> /* If the login names differ between client and server
>
>
>
>
> --
> Daniel Hiltgen (daniel.hiltgen@ebay.sun.com) (dtcm:
> dhiltgen@hiltgen)
> Phone: 510-936-2264 (x12264) Fax: 510-936-2396 MS:
> UNWK16-101
> Network Storage - Storage Utilities Software Development
>
> _______________________________________________
> Bug-cvs mailing list
> Bug-cvs@gnu.org
> http://mail.gnu.org/mailman/listinfo/bug-cvs
>
- RE: CVS_RSH env-var feature patch,
Ellison, Martin [IT] <=