[scponly] Re: scponly bug
Zdenek Hladik
hladik at ima.cz
Tue Sep 17 11:12:51 EDT 2002
On 17 Sep 02, at 0:58, joe wrote:
>
>
> If you increase debuglevel to just "1" it should increase output only to
> syslog, if I remember correctly.
Yes, I know this fact, I studied the source. But in case of a crash of the
scponly binary there is only a message about signal 11 end. So I
identified the place by adding tracing log writes to the source. I am not a Unix
fluent programmer so I don't know how to make a core dump. Maybe you
can do it and after receiving some feedback core dump files you will
be able to find the problem.
Sorry, but I believe you are not yet very fluent in C pointer
pitfalls. (Nobody I know is enough.) You use quite complex
constructions and I am afraid it is full of bugs. Dangerous bugs,
because writing to the area of other variables causes very random
behaviour of the program.
For example: now, after the mentioned fix, the program works quite well, but
sometimes crashes on deletion of a directory. I repeated the test several
times and the crash depends on whether I copied some dirs before deletion or
not...
Zdenek Hladik
>
> thanks again,
> joe
>
> ----
>
> PGP KEY: http://www.sublimation.org/contact.html
> PGP Key fingerprint = EC4B 0DA5 B4F6 BDDD 9176 55D6 3A6A 7D63 158F 22D2
>
>
> On Tue, 17 Sep 2002, Zdenek Hladik wrote:
>
> > Hi,
> >
> > I tried to fix yesterday's mentioned error - successfully. But there are
> > still often situations ending in signal 11. So it will be good to
> > revise the coding. If there are those problems, it is very probable there are
> > also possible buffer overflow vulnerability problems.
> >
> > On 16 Sep 02, at 10:28, joe wrote:
> >
> > >
> > > Zdenek,
> > >
> > > Thanks for emailing me. I am hoping I can ask you some more questions
> > > about the problems you mention. see questions inline...
> > >
> > > On Mon, 16 Sep 2002, Zdenek Hladik wrote:
> > > > Hello,
> > > >
> > > > I just tried to test your SCPONLY package. It seems to be a little
> > > > messy package. It seems that nobody tested the 3.1 package on Linux. make
> > > > jail ends with a crazy error. But it is not a big problem because for
> > > > making a chroot jail there are a lot of other cookbooks on the Internet.
> > >
> > > Could you send me this error?
> > >
> > > > But I got a more serious problem. At first I believed that I made a wrong
> > > > chroot jail, but after adding some debug messages to scponly.c I
> > > > found that scponlyc crashes inside
> > > >
> > > > flatten_vector()
> > > >
> > > > on processing of scp -r -p -d "somefile" command from winscp. with
> > > > exit signal 11 (memory violation).
> > >
> > > If possible, could you increase your debugging output (edit
> > > /usr/local/etc/scponly/debugfile and change value inside the file to "2")
> > > and rerun your winscp program to cause the crash. It would be very
> > > valuable if I could see the debugging output.
> >
> > Increasing the debug level totally messes up Winscp. It is better to change
> > the destination at some debug level to a log file instead of stdout...
> >
> > >
> > > > Because I did not understand the purpose of flattening I simply used the
> > > > "request" variable instead of "flatted_request" and it started to
> > > > work.
> > >
> > > flatten_vector() takes an argument vector (like char **argv) and changes
> > > it into a regular C string (char *). It does this by placing a
> > > single space between each argument in the argument vector. I will audit
> > > this code and try to find the problem.
> > >
> > > > So, please check your flatten_vector() routine - somewhere there must be a
> > > > problem, probably with pointers (as is very common in the C language).
> > > >
> > > > Even with those problems I believe that it is a very valuable package
> > > > and I also hope that the OpenSSH authors incorporate supporting features
> > > > into future versions of the package. So many thanks for your work...
> > > >
> > > > bye
> > > > Zdenek Hladik
> > > > I M A
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
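
The behaviour joe describes for flatten_vector() in the quoted message (an argument vector joined into one C string with a single space between arguments), written here as an added example that is not part of the thread and is not scponly's code. The name flatten_vector_checked is hypothetical; the function measures the vector first and then copies exactly that many bytes, so the copy cannot run past the allocation.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not scponly's code): join a NULL-terminated
 * argument vector into one malloc'd string, one space between
 * arguments. Returns NULL on bad input, size overflow or allocation
 * failure; the caller frees the result. */
char *flatten_vector_checked(char *const *argv)
{
    size_t total = 0, count = 0, off = 0, i;
    char *out;

    if (argv == NULL)
        return NULL;

    /* Pass 1: measure. Each argument needs its length plus one byte,
     * for the separating space or the final NUL terminator. */
    for (i = 0; argv[i] != NULL; i++) {
        size_t len = strlen(argv[i]);
        if (len >= SIZE_MAX - total)  /* total + len + 1 would wrap */
            return NULL;
        total += len + 1;
        count++;
    }
    if (count == 0)
        total = 1;                    /* empty vector flattens to "" */

    out = malloc(total);
    if (out == NULL)
        return NULL;

    /* Pass 2: copy exactly the bytes measured in pass 1. */
    for (i = 0; i < count; i++) {
        size_t len = strlen(argv[i]);
        memcpy(out + off, argv[i], len);
        off += len;
        if (i + 1 < count)
            out[off++] = ' ';
    }
    out[off] = '\0';
    return out;
}
```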