[scponly] scponly 4.2 released (IMPORTANT SECURITY FIXES)
wby oblyr
joe at sublimation.org
Thu Dec 22 14:10:48 EST 2005
Thanks for the patch!
This will be in 4.3, which should appear shortly as there is usually a substantial amount of churn after a
significant code change (such as adding CHROOT_CHECKDIR and the getopt stuff).
joe
Hideyuki KURASHINA wrote this message on Thu, Dec 22, 2005 at 23:22 +0900:
> Hi,
>
> I'm glad to see new scponly release, and thank all of you who
> involved in this release.
>
> By the way, I found that WinSCP in SCP mode shows following error
> messages and no home directory will be appeared when session started.
> (SFTP mode works fine).
>
> Error
>
> Error looking up user groups.
>
> Command 'groups'
> failed with return code 0 and error message
> -scponly in free(): warning: junk pointer, too low to make sense.
>
> Error
>
> getting name of current remote directory.
>
> Command 'pwd'
> failed with return code 0 and error message
> -scponly in free(): warning: junk pointer, too low to make sense.
>
> ...
>
> This problem rises when scponly is built with following arguments to
> a configure script:
>
> --enable-scp-compat --enable-winscp-compat
>
> It can be work around with attached patch. Hope this helps.
>
> Regards,
>
> -- rushani
> �
> --- scponly.c.orig Thu Dec 22 08:12:22 2005
> +++ scponly.c Thu Dec 22 23:19:28 2005
> @@ -611,7 +611,9 @@
> fflush(stdout);
> fflush(stderr);
> discard_vector(av);
> +#ifdef USE_SAFE_ENVIRONMENT
> discard_vector(safeenv);
> +#endif
> free(flat_request);
> free(tmprequest);
> return(WEXITSTATUS(status));
> @@ -629,7 +631,9 @@
> syslog(LOG_ERR, "failed: %s with error %s(%u) (%s)", flat_request, strerror(errno), errno, logstamp());
> free(flat_request);
> discard_vector(av);
> +#ifdef USE_SAFE_ENVIRONMENT
> discard_vector(safeenv);
> +#endif
> #ifdef WINSCP_COMPAT
> if (winscp_mode)
> {
More information about the scponly
mailing list