Null pointer indirection bug in v4.0pl1

To: flexfax@sgi.com
Subject: flexfax: Null pointer indirection bug in v4.0pl1
From: Ken Lalonde <ken@uunet.ca>
Date: Tue, 13 Jan 1998 15:41:06 -0500

There's a *0 bug in hfaxd that shows up when the user logs in without
a password, and the etc/hosts file requires one.
Here's the fix:

*** SNPPServer.c++	1998/01/13 20:30:56	1.1
--- SNPPServer.c++	1998/01/13 20:31:00
***************
*** 990,996 ****
  
      if (checkUser(loginID)) {
  	if (passwd != "") {
! 	    if (pass[0] == '\0' || !streq(crypt(pass, passwd), passwd)) {
  		if (++loginAttempts >= maxLoginAttempts) {
  		    reply(421, "Login incorrect (closing connection).");
  		    logNotice("Repeated SNPP login failures for user %s from %s [%s]"
--- 990,996 ----
  
      if (checkUser(loginID)) {
  	if (passwd != "") {
! 	    if (pass == NULL || pass[0] == '\0' || !streq(crypt(pass, passwd), passwd)) {
  		if (++loginAttempts >= maxLoginAttempts) {
  		    reply(421, "Login incorrect (closing connection).");
  		    logNotice("Repeated SNPP login failures for user %s from %s [%s]"



Ken Lalonde
UUNET Canada

Prev by Date: Re: ps2fax
Next by Date: Re: Win95 broadcast fax, # of active modems
Prev by thread: Re: ps2fax
Next by thread: Re: Null pointer indirection bug in v4.0pl1
Index(es):
- Main
- Thread

Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services