[syslog-ng] v1.6.8: usertty fails for usernames > 7 characters

Patterson, Jay Jay.Patterson at T-Mobile.com
Fri Oct 14 13:45:25 CEST 2005 

I commented out some expressions on lines 103 and 108 of src/afuser.c
 
src/afuser.c:103    ( /*self->username->length == strlen(ut->ut_user) &&*/
 
src/afuser.c:108    ( /*self->username->length == strlen(ut->ut_name) &&*/
 
These expressions appear to be optimizations that avoid doing a subsequent memcpy when the two strings obviously won't match, so I think commenting them out is harmless. From what I can tell, the strlen function will return a length much greater than the actual length for user names that go over 7 (or 31 for ut_user) characters, as there is no null-terminator in that case. I guess it eventually finds a zero somewhere beyond that point in memory. Experimentation with getutent more or less convinced me of that, as 8 character user names were returned with a bit of additional text, the null-string interpretation of ut_id.
 
I had to touch afuser.c to set its modification date back to Jan 31 2003 after editing. Something in the build process breaks if the modification date on the file is too recent.
 
This fixed the problem I was having with 8-character arguments to usertty
Jay Patterson 
OpenView Consultant 
E-Mail: Jay.Patterson at T-Mobile.com 
Phone: 862-812-3436 

-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu [mailto:syslog-ng-bounces at lists.balabit.hu]
Sent: Thursday, October 13, 2005 2:12 PM
To: syslog-ng at lists.balabit.hu
Subject: [syslog-ng] v1.6.8: usertty fails for usernames > 7 characters



syslog-ng-1.6.8 compiled with GCC 3.4.2 on Solaris 2.8 

syslog-ng won't write to userttys for login names that are greater than 7 characters 
Equivalent functionality on syslogd works 

Never used getutent until today, but ... 
After using getutent a little, I've come to the conclusion that the utmp fields are not null-terminated. 

Coincidently, ut_name has a size of 8 
ut_user has a size of 32 

The code near source file "afuser.c", line 98, seems to treat the ut_name and ut_user fields as if they were null-terminated.

Jay Patterson 
OpenView Consultant 
E-Mail: Jay.Patterson at T-Mobile.com 
Phone: 862-812-3436 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20051014/f696fe0d/attachment.htm

More information about the syslog-ng mailing list