[scponly] Re: scponly bug

Zdenek Hladik hladik at ima.cz
Tue Sep 17 10:39:17 EDT 2002 

Hi, 

I tried to fix yesterday mentioned error - succesfully. But there are 
still often situations ending in signal 11. So it will be good to 
revise coding. If there are those problems it is very probably also  
possible buffer overflow vulnerability problems.

On 16 Sep 02, at 10:28, joe wrote:

> 
> Zdenek,
> 
> Thanks for emailing me.  I am hoping I can ask you some more questions
> about the problems you mention.  see questions inline...
> 
> On Mon, 16 Sep 2002, Zdenek Hladik wrote:
> > Hello,
> >
> > I just tried to test your SCPONLY package. It seems to by little
> > messy package. It seems that 3.1 pakage nobody tested on Linux. make
> > jail ends with crazy error. But it is not big problem because chroot
> > for making jail is on Internet lot of other cookbooks.
> 
> Could you send me this error?
> 
> > But more serious problem i got. At first I believed that i made wrong
> > chroot jail, but after adding some debug messages to scponly.c i
> > found that scponlyc crashes inside
> >
> >        flatten_vector()
> >
> > on processing of scp -r -p -d "somefile" command from winscp. with
> > exit signal 11 (memory violation).
> 
> If possible, could you increase your debugging output (edit
> /usr/local/etc/scponly/debugfile andchange value inside the file to "2")
> and rerun your winscp program to cause the crash.  It would be very
> valuable if i could see the debugging output.

Incrieasing debug level totally mess Winscp. It is better to change 
destionation on some debug level to log file instead to stdout...

> 
> > Because I did not understand purposes of flattening i simply used
> > "request" variable instead of flatted_request" and it started to
> > work.
> 
> flatten_vector() takes an argument vector (like char **argv) and changes
> it into a regular C string (char *).  it does this by placing a
> single space between each argument in the argument vector.   i will audit
> this code and try to find the problem.
> 
> > So, please check your flatten_vector() routine - somewhere must be
> > problem, probably with pointers. (as very commoin in C language)
> >
> > Even with those problems I believe that it is very valuable package
> > and I hope also that Openssh authors incoproprate supporting features
> >  to future versions of package. So much thans for your work...
> >
> > bye
> >                                     Zdenek Hladik
> >                                          I M A
> >
> >
> >
> >
> >
> 
>

More information about the scponly mailing list