[scponly] scp blues

Kaleb Pederson kpederson at mail.ewu.edu
Fri Mar 17 11:52:18 EST 2006 

Here's the patch with formatting cleaned up and unnecessary debugging 
information removed.

--Kaleb

On Friday 17 March 2006 8:39 am, Kaleb Pederson wrote:
> Patch attached.  Thanks for the details.
>
> That bug was my fault :(.  When I setup the "safe" environment processing I
> hadn't realized that discard_vector() tried to free the entire original
> array (not just the children).  However, the base array was compiler
> allocated, and thus didn't need to be freed within the code.
>
> The attached patch dynamically allocates the space for the environment
> variables instead of it being compiler allocated.  Thus, when
> discard_vector frees the space, it was truly dynamically allocated.
>
> Thanks.
>
> --Kaleb
>
> On Thursday 16 March 2006 3:59 pm, Daniel Webb wrote:
> > On Thu, Mar 16, 2006 at 02:18:31AM -0700, Daniel Webb wrote:
> > > By the way, the "invalid pointer" message still comes up any time I try
> > > to execute a command that's not allowed:
> > >
> > > ----
> > > Command '<something>' failed with return code 0 and error message
> > > free(): invalid pointer 0x804dae0!
> > > ----
> > >
> > > Normally, trying to free invalid pointers is a bad thing.  Am I the
> > > only one seeing this?
> >
> > Some more info, with debug.  From WinSCP when I try to open a "command
> > window":
> >
> > ----
> > Command 'groups' failed with return code -1 and error message
> > free(): invalid pointer 0x804dae0!
> > ----
> >
> > ----
> > Command 'pwd' failed with return code 0 and error message
> > free(): invalid pointer 0x804dae0!
> > ----
> >
> > I don't see anything at all in syslog.  If I turn up debuglevel to 6
> > (which I picked out of the blue), and try at a Linux shell:
> >
> > ssh -v -p 10006 bobo at localhost groups
> >
> > (I have ssh only listening on 10006 for this user) I get:
> >
> > ----
> > <snip>
> >
> > Password:
> > debug1: Authentication succeeded (keyboard-interactive).
> > debug1: channel 0: new [client-session]
> > debug1: Entering interactive session.
> > debug1: Sending command: groups
> > scponly[544]: chrooted binary in place, will chroot()
> > scponly[544]: 3 arguments in total.
> > scponly[544]:   arg 0 is scponlyc
> > scponly[544]:   arg 1 is -c
> > scponly[544]:   arg 2 is groups
> > scponly[544]: opened log at LOG_AUTHPRIV, opts 0x00000029
> > scponly[544]: retrieved home directory of
> > "/home/sbs/store000/bobo//home/main" for user "bobo"
> > scponly[544]: chrooting to dir: "/home/sbs/store000/bobo"
> > scponly[544]: chdiring to dir: "/home/main"
> > scponly[544]: setting uid to 1019
> > scponly[544]: processing request: "groups"
> > scponly[544]: Unable to find "LOG_SFTP" in the environment
> > scponly[544]: Found "USER" and setting it to "bobo"
> > scponly[544]: Unable to find "SFTP_UMASK" in the environment
> > scponly[544]: Unable to find "SFTP_PERMIT_CHMOD" in the environment
> > scponly[544]: Unable to find "SFTP_PERMIT_CHOWN" in the environment
> > scponly[544]: Unable to find "SFTP_LOG_LEVEL" in the environment
> > scponly[544]: Unable to find "SFTP_LOG_FACILITY" in the environment
> > scponly[544]: Found "HOME" and setting it to
> > "/home/sbs/store000/bobo//home/main"
> > scponly[544]: Environment contains "USER=bobo"
> > scponly[544]: Environment contains
> > "HOME=/home/sbs/store000/bobo//home/main" scponly[544]: set HOME
> >
> > environment variable to / username: bobo(1019), IP/port:
> > ::ffff:127.0.0.14925 10006
> >
> > scponly[544]: running: /usr/bin/groups (username: bobo(1019), IP/port:
> > ::ffff:127.0.0.1 4925 10006)
> >
> > scponly[544]: failed: /usr/bin/groups with error No such file or
> > directory(2) (username: bobo(1019), IP/port: ::ffff:127.0.0.1 4925 10006)
> > free(): invalid pointer 0x804dae0!
> > debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
> > debug1: channel 0: free: client-session, nchannels 1
> > debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
> > debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
> > debug1: Exit status 2
> > ----
> >
> > _______________________________________________
> > scponly mailing list
> > scponly at lists.ccs.neu.edu
> > https://lists.ccs.neu.edu/bin/listinfo/scponly
-------------- next part --------------
A non-text attachment was scrubbed...
Name: scponly-safeenv.diff
Type: text/x-diff
Size: 1460 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20060317/bc210ecd/scponly-safeenv.bin

More information about the scponly mailing list