Re: Security in a shell that starts ssh

To: debian-security@lists.debian.org
Subject: Re: Security in a shell that starts ssh
From: Tim van Erven <tripudium@chello.nl>
Date: Wed, 13 Jun 2001 23:34:28 +0200
Message-id: <[🔎] 20010613233427.A2360@koan.dhs.org>
Mail-followup-to: Tim van Erven <tripudium@chello.nl>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20010613161027.D2048@molehole.moregruel.net>
References: <[🔎] 20010613161027.D2048@molehole.moregruel.net>

On Wed, Jun 13, 2001 at 04:10:27PM -0500, Steve Greenland <stevegr@debian.org> wrote:
> On 13-Jun-01, 13:47 (CDT), Tim van Erven <tripudium@chello.nl> wrote: 
> > > On Wed, Jun 13, 2001 at 10:57:08AM -0500, Steve Greenland wrote:
> > > > > int main()
> > > > 
> > > > int main(void)   /* () != (void) in C */
> > 
> > The comp.lang.c faq (http://www.faqs.org/faqs/C-faq/faq/) says it's ok.
> 
> Where does it say this? The only thing I can see is under 11.12, where
> it says "main must be declared as returning an int, and as taking either
> zero or two arguments, of the appropriate types." That means either 'int
> main(void)' or 'int main(int argc, char *argv[])' (or 'char **argv'
> or some other compatible variations). 'int main()' has unspecified
> arguments, not zero.
> 
> Or does it? Since it's a definition, not a declaration, it *is* a
> function with no arguments. OTOH, the standard specifically says main
> should be either 'int main(void)' or 'int main(int argc, char **argv)'.
> I think I may ask about this on comp.std.c.

"11.12a:What's the correct declaration of main()? A:Either int main(),
int main(void), or int main(int argc,
char *argv[]) (with alternate spellings of argc and *argv[]
obviously allowed).  See also questions 11.12b to 11.15 below."

> > > >      if(name[strlen(name) - 1] != '\n') {
> > 
> > Yes, this does look slightly better.
> 
> Since I'm already cluttering up -security with a reply, I'll point out
> that adding the braces wasn't strictly appearance. After a few times of
> rounds adding a second line to an un-braced if clause, you'll appreciate
> the habit of *always* putting in the braces.

Accept Linus' wisdom about indentation in the CodingStyle file that
comes with your kernel and I can't imagine you'll ever be bothered by
this again.

On the cluttering: I will try to make this my last reply in this
thread.
 
> > > Possible access to unallocated memory if "\0\n" supplied as input.
> > 
> > Only if strlen(name) = 0 and besides from being hard to achieve when
> > entering data on stdin, fgets will return 0 if that happens.
> 
> But not if you feed it a file.

I don't see how that could be done if this is used as a login
replacement. Still, it would be caught by fgets, so it's a non-issue.

> debian-codereview@lists.debian.org anyone? The place I used to work did
> code reviews for a short while: humbling and immensely valueable. I
> don't know why we got out of that habit; probably someone decided it
> "took too long", as if fixing bugs in released products was cheap.

Great idea IMHO.

-- 
Tim van Erven
tripudium@chello.nl
talerven@wins.uva.nl

Reply to:

Follow-Ups:
- Re: Security in a shell that starts ssh
  - From: Daniel Ginsburg <dg@warpsolutions.com>

References:
- Re: Security in a shell that starts ssh
  - From: Steve Greenland <stevegr@debian.org>

Prev by Date: Re: Security in a shell that starts ssh
Next by Date: Re: Security in a shell that starts ssh
Previous by thread: Re: Security in a shell that starts ssh
Next by thread: Re: Security in a shell that starts ssh
Index(es):
- Date
- Thread