Bug#229785: sessreg: session overwritten can be due to ut_id 4 byte length limit
Package: xutils
Version: 4.2.1-12.1
Severity: normal
Followup-For: Bug #229785
Hi!
I've been investigating a little bit more about this bug and I've found
some extra information.
In sessreg.c, lines 371 - 385:
-*-*-*-*-*-
if (line) {
int i;
/*
* this is a bit crufty, but
* follows the apparent conventions in
* the ttys file. ut_id is only 4 bytes
* long, and the last 4 bytes of the line
* name are written into it, left justified.
*/
i = strlen (line);
if (i >= sizeof (u->ut_id))
i -= sizeof (u->ut_id);
else
i = 0;
(void) strncpy (u->ut_id, line + i, sizeof (u->ut_id));
-*-*-*-*-*-
The thing is that if you have different host names, with the same
display numbers, such as "test:0" and "fist:0", this is keeping only
the last 4 characters of the name, and will consider that these two
hosts are in fact only one host.
I think that doing a hash, or something like that would be better.
Hope it helps solve this bug.
Love,
Margarita Manterola.
-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux fobos 2.4.24-1-k7 #1 Wed Jan 7 00:47:47 EST 2004 i686
Locale: LANG=es_ES.ISO-8859-1, LC_CTYPE=es_ES.ISO-8859-1
Versions of packages xutils depends on:
ii cpp-3.2 1:3.2.3-0pre9 The GNU C preprocessor
ii libc6 2.3.2.ds1-10 GNU C Library: Shared libraries an
ii libncurses5 5.3.20030719-1 Shared libraries for terminal hand
ii xfree86-common 4.2.1-6 X Window System (XFree86) infrastr
ii zlib1g 1:1.2.1-3 compression library - runtime
-- no debconf information
Reply to: