Bug 18109

Summary: if pw_shell is empty (/bin/sh is assumed), cannot log in via ssh.
Product: Base System
Reporter: noroi <noroi>
Component: misc
Assignee: Dag-Erling Smørgrav <des>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.0-RELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description noroi 2000-04-20 12:00:01 UTC
Even if the pw_shell field is empty, sshd checks it.

How-To-Repeat: ssh login to an account that has an empty pw_shell field.
Comment 1 alex 2000-04-20 12:31:07 UTC
Thus spake noroi@mob.or.jp (noroi@mob.or.jp):

> +	if (pw->pw_shell[0] != '\0') {
>  	/* deny if shell does not exists or is not executable */
>  	if (stat(pw->pw_shell, &st) != 0)
>  		return 0;
>  	if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
>  		return 0;
> +	}
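
Review bot: the added guard `if (pw->pw_shell[0] != '\0')` dereferences pw->pw_shell without first checking the pointer itself, so a NULL pw_shell is undefined behaviour (typically a crash) at this line rather than a clean deny. Test the pointer first, e.g. `if (pw->pw_shell != NULL && pw->pw_shell[0] != '\0')`. The two stat checks now enclosed by the new braces should also be indented one level so the scope of the guard is visible.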

You should add indentation to make your code more readable.

What will happen if it is == 0 now?

Alex

-- 
I need a new ~/.sig.
Comment 2 noroi 2000-04-20 14:13:24 UTC
On Thu, 20 Apr 2000 13:31:07 +0200, Alexander Langer <alex@big.endian.de> wrote:

> You should add indentation to make your code more readable.

Sorry.

> What will happen if it is == 0 now?

if pw->pw_shell == 0 then ... segmentation violation will happen.
if pw->pw_shell[0] == 0 then ... it means /bin/sh.  /bin/sh always valid.

--- sshd.c.~1~	Thu Apr 20 21:37:40 2000
+++ sshd.c	Thu Apr 20 21:47:58 2000
@@ -1211,11 +1211,13 @@
 	if (!pw)
 		return 0;
 
-	/* deny if shell does not exists or is not executable */
-	if (stat(pw->pw_shell, &st) != 0)
-		return 0;
-	if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
-		return 0;
+	if (pw->pw_shell && pw->pw_shell[0]) {
+		/* deny if shell does not exists or is not executable */
+		if (stat(pw->pw_shell, &st) != 0)
+			return 0;
+		if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
+			return 0;
+	}
 
 	/* Return false if user is listed in DenyUsers */
 	if (options.num_deny_users > 0) {
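
Review bot: in the new `if (pw->pw_shell && pw->pw_shell[0])` branch, an empty pw_shell skips the stat checks entirely, so the default shell that the account falls back to is never validated before login is allowed. Resolve the default first and run the same checks on it, for example `shell = (pw->pw_shell && pw->pw_shell[0]) ? pw->pw_shell : _PATH_BSHELL;` followed by `stat(shell, &st)`. Separately, `(st.st_mode & S_IFREG)` in the carried-over test is a bit test that also matches other file types sharing that bit; `S_ISREG(st.st_mode)` is the exact check.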
Comment 3 dd freebsd_committer freebsd_triage 2001-06-01 04:11:00 UTC
Responsible Changed
From-To: freebsd-bugs->green

Over to in-tree OpenSSH maintainer to decide what to do with this.
Comment 4 Brian Feldman freebsd_committer freebsd_triage 2003-07-13 05:10:57 UTC
Responsible Changed
From-To: green->des

ssh over to DES
Comment 5 Dag-Erling Smørgrav 2003-07-14 11:53:05 UTC
Does this still occur with more recent versions of FreeBSD / OpenSSH?

DES
-- 
Dag-Erling Smørgrav - des@des.no
Comment 6 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2003-08-19 11:48:06 UTC
State Changed
From-To: open->closed

Feedback timeout.