rcodi@yabbie.rmit.oz (Ian Donaldson) (03/17/88)
Subject: /etc/init dereferences null pointer + FIX Index: /usr/src/etc/init.c 4.3BSD Description: /etc/init dereferences a null pointer causing havoc on some systems Repeat-By: Run it on a machine that either disallows null pointer dereferences or doesn't have a NULL at location 0 (this counts Vaxen out). If your machine allows NULL pointer dereferences and don't have a NULL at location 0, you will get a lot of bogus getty's fired up and then killed, and then fired up again, repeatedly until you get bored with it all and reboot the machine. If you're lucky you might even get a getty that you can use to login with. If your machine disallows NULL pointer dereferences you will probably get a "panic: init died" message as soon as the machine attempts to go multi-user. Fix: The getttyent(3) routine can return the ty_window field as a NULL pointer (and most probably will on most machines). This is documented behaviour and not a bug, but the authors of the 4.3 mods to /etc/init obviously didn't account for this behaviour. A vax gets away with this because a NULL is at location 0. Apply the following patch to init.c: ------------------ *** /usr/src/etc/init.c.orig Tue May 27 15:12:44 1986 --- /usr/src/etc/init.c Thu Mar 17 10:36:21 1988 *************** *** 306,312 **** p->xflag |= CHANGE; SCPYN(p->comn, t->ty_getty); } ! if (SCMPN(p->wcmd, t->ty_window)) { p->xflag |= WCHANGE|CHANGE; SCPYN(p->wcmd, t->ty_window); } --- 311,317 ---- p->xflag |= CHANGE; SCPYN(p->comn, t->ty_getty); } ! if (t->ty_window && SCMPN(p->wcmd, t->ty_window)) { p->xflag |= WCHANGE|CHANGE; SCPYN(p->wcmd, t->ty_window); } *************** *** 335,341 **** SCPYN(p->line, t->ty_name); p->xflag |= FOUND|CHANGE; SCPYN(p->comn, t->ty_getty); ! if (strcmp(t->ty_window, "") != 0) { p->xflag |= WCHANGE; SCPYN(p->wcmd, t->ty_window); } --- 340,346 ---- SCPYN(p->line, t->ty_name); p->xflag |= FOUND|CHANGE; SCPYN(p->comn, t->ty_getty); ! if (t->ty_window && strcmp(t->ty_window, "") != 0) { p->xflag |= WCHANGE; SCPYN(p->wcmd, t->ty_window); } ------------------ Ian D