You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by rafael san miguel <NI...@retemail.es> on 2001/02/16 16:07:40 UTC

general/7256: htpasswd core dumps at function ap_cpystrn when in function mkrecord

>Number:         7256
>Category:       general
>Synopsis:       htpasswd core dumps at function ap_cpystrn when in function mkrecord
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Fri Feb 16 07:10:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     NIKEBOY@retemail.es
>Release:        1.3.14
>Organization:
apache
>Environment:
Linux starlaser 2.2.16 #21 Wed Dec 27 19:55:51 CET 2000 i686 unknown

it's slackware 7.0 

Reading specs from /usr/lib/gcc-lib/i386-slackware-linux/egcs-2.91.66/specs
gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)
>Description:
i issued: "htpasswd -b .htpasswd kiss hello" and traced program execution with gdb

Breakpoint 1, 0x8049b36 in ap_cpystrn ()
(gdb) bt
#0  0x8049b36 in ap_cpystrn ()
#1  0x8048f0a in mkrecord ()
#2  0x80497b3 in main ()
#3  0x40056aa7 in __libc_start_main () from /lib/libc.so.6

Program received signal SIGSEGV, Segmentation fault.
0x8049b36 in ap_cpystrn ()
(gdb) bt
#0  0x8049b36 in ap_cpystrn ()
#1  0x8048f0a in mkrecord ()
#2  0x80497b3 in main ()
#3  0x40056aa7 in __libc_start_main () from /lib/libc.so.6

(gdb) info register edx
edx            0x0      0

this is the code where the program crashes (ap_cpystrn line)

 ap_getpass("Re-type new password: ", pwv, sizeof(pwv));
        if (strcmp(pwin, pwv) != 0) {
            ap_cpystrn(record, "password verification error", (rlen - 1));
            return ERR_PWMISMATCH;
        }
>How-To-Repeat:
i just typed (from a normal user shell) : htpasswd -b .htpasswd kiss
where .htpasswd is an empty file and kiss is the username to be added
(same error using -b option)
>Fix:
use strncpy instead
>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <ap...@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]