jcm@ORNL-MSR.ARPA (James A. Mullens) (10/18/86)
I have recently had EDT crash on uVAX II / VMS 4.4, and VMS itself crash on 780 / VMS 4.2 when running EDT from a DECnet terminal over an Ethernet. EDT gave a memory protect violation and VMS gave a fatal bug check (while in another process). It seems that VAX/VMS should protect itself from any computer sitting on an Ethernet cable, so I don't really blame my IBM PC for the crashes. But I suspect the PC might be a "bad neighbor". (BTW, the crashes do not occur if I "set host" from one uVAX to another, or if I run EDT from a terminal on a RS232 port. I was running on the uVAX with full privileges, but on the 780 with no privileges. I believe this made the 780 system manager feel he had been violated!) I'd like to hear of any additional experiences along this line, especially involving early versions of DECnet DOS (distributed by DEC for PCs). I'm not a system manager tearing my hair out over this problem, just a user who would like to (eventually) have a bug-free DECnet link between a PC and a VAX. Thanks - jim mullens / jcm@ornl-msr.arpa / 615-574-5564
jcm@ORNL-MSR.ARPA (James A. Mullens) (10/31/86)
I recently reported a problem with DECnet, in which a nonpriveleged user could crash a VMS 4.2 system. This could be done over an Ethernet link from an IBM AT running a DECnet work-alike product called CommUnity. The problem has now been fixed by the CommUnity people. I think their explanation of the problem confirms some rumors about the vulnerability of VMS -- at least VMS 4.2. They says that their software was mistakenly sending the wrong length for a DECnet packet. They actually claimed that "the packet length field was set to a negative number". This was, of course, a violation of the protocal. Still, it is amazing that VMS accepted the length specification and acted on it, committing "computer-cide" in the process. Our local DEC sales rep mentioned that the early DECnet DOS releases caused similar problems. I can believe this. It seems that a trivial programming mistake on the sender's side can cause an crash at the receiving end! It is encouraging that our VMS 4.4 system did not crash under identical circumstances, but terminated the EDT job running with an access protection violation. This may mean that DEC has already fixed this sort of problem with the current releases of VMS. On the other hand, the 4.4 system may have been saved by trivial differences between the two systems. As a final note, I have been using CommUnity since I received the fix and I have not found any more problems with the product. jim mullens / oak ridge national lab / jcm@ornl-msr.arpa