From tolik@sibptus.tomsk.ru Fri Mar 19 01:56:09 1999
Return-Path: <tolik@sibptus.tomsk.ru>
Received: from sibptus.tomsk.ru (sibptus.tomsk.ru [212.176.23.5])
	by hub.freebsd.org (Postfix) with ESMTP id 1268514F46
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 19 Mar 1999 01:55:30 -0800 (PST)
	(envelope-from tolik@sibptus.tomsk.ru)
Received: (from tolik@localhost)
	by sibptus.tomsk.ru (8.8.8/8.8.8) id QAA20087;
	Fri, 19 Mar 1999 16:54:56 +0700 (TSK)
	(envelope-from tolik)
Message-Id: <199903190954.QAA20087@sibptus.tomsk.ru>
Date: Fri, 19 Mar 1999 16:54:56 +0700 (TSK)
From: User Tolik <tolik@sibptus.tomsk.ru>
Reply-To: tolik@mpeks.tomsk.su
To: FreeBSD-gnats-submit@freebsd.org
Subject: setlogin(2) is not correct ?
X-Send-Pr-Version: 3.2

>Number:         10671
>Category:       kern
>Synopsis:       setlogin(2) return EINVAL for length of name greather than MAXLOGNAME - 2
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 19 02:00:00 PST 1999
>Closed-Date:    Fri Oct 12 06:38:33 PDT 2001
>Last-Modified:  Fri Oct 12 06:40:56 PDT 2001
>Originator:     Anatoly A. Orehovsky
>Release:        FreeBSD 2.2.8-RELEASE i386
>Organization:
>Environment:

	

>Description:

Calling setlogin(2) return EINVAL for length of name param greather than MAXLOGNAME - 2

/sys/kern/kern_prot.c:
int
setlogin(p, uap, retval)
        struct proc *p;
        struct setlogin_args *uap;
        int *retval;
{
        int error;

        if ((error = suser(p->p_ucred, &p->p_acflag)))
                return (error);
        error = copyinstr((caddr_t) uap->namebuf,
            (caddr_t) p->p_pgrp->pg_session->s_login,
            sizeof (p->p_pgrp->pg_session->s_login) - 1, (u_int *)0);
        if (error == ENAMETOOLONG)
                error = EINVAL;
        return (error);
}

Here is :
calling copyinstr with maxlen = MAXLOGNAME - 1. Such setlogin(2) returned EINVAL
for maxlen > MAXLOGNAME - 2. Manpage of setlogin(2) talk nothing about it.
Is this correct ?

	

>How-To-Repeat:

a.c:
#include <unistd.h>
#include <sys/param.h>
#include <stdio.h>

main(){

char name[MAXLOGNAME] = "0123456789a"; /* 11 chars without '\0' < MAXLOGNAME - 1*/

if (setlogin(name)) {
	perror("setlogin");
	exit(1);
}

exit(0);
}

# cc a.c
# ./a.out; echo "Exitcode $?"
setlogin: Invalid argument
Exitcode 1

	

>Fix:

Either correct manpage of setlogin(2), or correct kern_prot.c.
	
	


>Release-Note:
>Audit-Trail:

From: User Tolik <tolik@sibptus.tomsk.ru>
To: FreeBSD-gnats-submit@freebsd.org
Cc:  
Subject: kern/10671: setlogin(2) is not correct ?
Date: Fri, 19 Mar 1999 16:54:56 +0700 (TSK)

 >Number:         10671
 >Category:       kern
 >Synopsis:       setlogin(2) return EINVAL for length of name greather than MAXLOGNAME - 2
 >Confidential:   yes
 >Severity:       serious
 >Priority:       medium
 >Responsible:    freebsd-bugs
 >State:          open
 >Quarter:        
 >Keywords:       
 >Date-Required:
 >Class:          sw-bug
 >Submitter-Id:   current-users
 >Arrival-Date:   Fri Mar 19 02:00:00 PST 1999
 >Closed-Date:
 >Last-Modified:
 >Originator:     Anatoly A. Orehovsky
 >Release:        FreeBSD 2.2.8-RELEASE i386
 >Organization:
 >Environment:
 
 	
 
 >Description:
 
 Calling setlogin(2) return EINVAL for length of name param greather than MAXLOGNAME - 2
 
 /sys/kern/kern_prot.c:
 int
 setlogin(p, uap, retval)
         struct proc *p;
         struct setlogin_args *uap;
         int *retval;
 {
         int error;
 
         if ((error = suser(p->p_ucred, &p->p_acflag)))
                 return (error);
         error = copyinstr((caddr_t) uap->namebuf,
             (caddr_t) p->p_pgrp->pg_session->s_login,
             sizeof (p->p_pgrp->pg_session->s_login) - 1, (u_int *)0);
         if (error == ENAMETOOLONG)
                 error = EINVAL;
         return (error);
 }
 
 Here is :
 calling copyinstr with maxlen = MAXLOGNAME - 1. Such setlogin(2) returned EINVAL
 for maxlen > MAXLOGNAME - 2. Manpage of setlogin(2) talk nothing about it.
 Is this correct ?
 
 	
 
 >How-To-Repeat:
 
 a.c:
 #include <unistd.h>
 #include <sys/param.h>
 #include <stdio.h>
 
 main(){
 
 char name[MAXLOGNAME] = "0123456789a"; /* 11 chars without '\0' < MAXLOGNAME - 1*/
 
 if (setlogin(name)) {
 	perror("setlogin");
 	exit(1);
 }
 
 exit(0);
 }
 
 # cc a.c
 # ./a.out; echo "Exitcode $?"
 setlogin: Invalid argument
 Exitcode 1
 
 	
 
 >Fix:
 
 Either correct manpage of setlogin(2), or correct kern_prot.c.
 	
 	
 
 
 >Release-Note:
 >Audit-Trail:
 >Unformatted:
 
 
 To Unsubscribe: send mail to majordomo@FreeBSD.org
 with "unsubscribe freebsd-bugs" in the body of the message
 
 
 
 
State-Changed-From-To: open->feedback 
State-Changed-By: mike 
State-Changed-When: Thu Jul 19 18:14:52 PDT 2001 
State-Changed-Why:  

Does this problem still occur in newer versions of FreeBSD, 
such as 4.3-RELEASE? 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=10671 
State-Changed-From-To: feedback->closed 
State-Changed-By: yar 
State-Changed-When: Fri Oct 12 06:38:33 PDT 2001 
State-Changed-Why:  
The bug has been fixed long ago. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=10671 
>Unformatted:
