From hars@grisu.bik-gmbh.de  Tue Mar 22 07:54:06 2005
Message-Id: <200503220754.j2M7s1eG039736@grisu.bik-gmbh.de>
Date: Tue, 22 Mar 2005 08:54:01 +0100 (CET)
From: Florian Hars <hars@bik-gmbh.de>
To: FreeBSD-gnats-submit@freebsd.org
Subject: stunnel calls execvp with broken arguments
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         79114
>Category:       ports
>Synopsis:       stunnel calls execvp with broken arguments
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    roam
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 22 08:00:16 GMT 2005
>Closed-Date:    Thu May 12 11:37:18 GMT 2005
>Last-Modified:  Thu May 12 11:37:18 GMT 2005
>Originator:     Charlie &
>Release:        FreeBSD 5.3-RELEASE i386
>Organization:
>Environment:
System: FreeBSD grisu.bik-gmbh.de 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386

>Description:
       If execargs is not given in stunnel.conf, stunnel calls execvp with a NULL
       pointer as its second argument, which makes execvp fail with EFAIL.
>How-To-Repeat:
	I wrapped popa3d with stunnel, which worked on 4.x (modulo the spurious broken
        connection errors I filed a while ago) without execargs in stunnel.conf.
	I copied my configuration, and now every connection attempt leads to

         stunnel[13279]: /usr/local/libexec/popa3d: Bad address (14)

>Fix:

	execargs should be mandatory (and checked on startup),
        or something like the following should be done in client.c:
        if (NULL == c->opt->execargs) {
          char *args[] = {c->opt->execname, NULL};
          execvp(c->opt->execname, args);
        } else {
          execvp(c->opt->execname, c->opt->execargs);
        }
	

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->roam 
Responsible-Changed-By: vs 
Responsible-Changed-When: Tue Mar 22 13:26:41 GMT 2005 
Responsible-Changed-Why:  
Over to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=79114 
State-Changed-From-To: open->analyzed 
State-Changed-By: roam 
State-Changed-When: Wed Mar 23 12:12:26 GMT 2005 
State-Changed-Why:  
I'm looking into this... 


From: Florian Hars <hars@bik-gmbh.de>
To: Peter Pentchev <roam@FreeBSD.org>,
	freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: ports/79114: stunnel calls execvp with broken arguments
Date: Wed, 23 Mar 2005 14:32:52 +0100

 Peter Pentchev wrote:
 > I'm looking into this...
 
 The semantics of execve changed a year ago, see
 http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/kern/kern_exec.c?f=h#rev1.238
 
 This is the relevant part from execve(2):
 
       The argument argv is a pointer to a null-terminated array of character
       pointers to null-terminated character strings.  These strings construct
       the argument list to be made available to the new process.  At least one
       argument must be present in the array; by custom, the first element
       should be the name of the executed program (for example, the last compo-
       nent of path).
 
 
 Yours, Florian.
State-Changed-From-To: analyzed->closed 
State-Changed-By: roam 
State-Changed-When: Thu May 12 11:36:53 GMT 2005 
State-Changed-Why:  
Fixed in the just-committed update to 4.10. 
Thanks for the problem report and the analysis! 

>Unformatted:
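
One way to apply the fix suggested in this report, as an added example (not stunnel's code and not part of the original PR): validate the exec vector before calling execvp, so that a missing or empty execargs falls back to a one-element argv as execve(2) requires. The names exec_argv and run_program are hypothetical, and main assumes a `true` utility on PATH.

```c
#include <errno.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: choose an argv that satisfies execve(2), which needs
 * at least one element before the NULL terminator. fallback must have room
 * for two pointers. Returns NULL when there is no program name to use. */
static char **exec_argv(char *execname, char **execargs, char *fallback[2])
{
    if (execname == NULL || execname[0] == '\0')
        return NULL;              /* nothing to execute: reject at startup */
    if (execargs != NULL && execargs[0] != NULL)
        return execargs;          /* configured vector is already valid */
    fallback[0] = execname;       /* by custom, argv[0] names the program */
    fallback[1] = NULL;
    return fallback;
}

/* Fork, exec the program with a validated argv, and return its exit status.
 * Returns -1 if the configuration is unusable, fork/waitpid fails, or the
 * child died from a signal; the child exits 127 if execvp itself fails. */
static int run_program(char *execname, char **execargs)
{
    char *fallback[2];
    char **argv = exec_argv(execname, execargs, fallback);
    int status;
    pid_t pid;

    if (argv == NULL) {
        errno = EINVAL;
        return -1;
    }
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(execname, argv);   /* argv is never NULL here */
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed case: execargs absent, as in the reported configuration. */
    return run_program("true", NULL) == 0 ? 0 : 1;
}
```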
