day@kovacs.UUCP (Dave Yost) (06/09/85)
A Silicon Graphics workstation called up our
4.2 vax and started up a uucico.
Funny thing was that the hostname on the SG machine
was null (""). The vax then proceeded to give it
mail messages destined for at least 2 machines other
than the one that was dialing in with the null hostname.
It probably would have given away the whole store if
the transmission hadn't gone bad for line noise reasons.
uucp (6/8-14:18-22263) OK (startup)
day (6/8-14:18-22263) REQUEST (S D.kovacsB1G42 D.kovacsB1G42 day)
day (6/8-14:19-22263) REQUEST (S D.kovacsX1G40 X.kovacsX1G40 day)
etc. ...
This is really bad.
--dave yostbob@olympus.UUCP (Bob Toxen) (06/22/85)
> A Silicon Graphics workstation called up our > 4.2 vax and started up a uucico. > Funny thing was that the hostname on the SGI machine > was null (""). The vax then proceeded to give it > mail messages destined for at least 2 machines other > than the one that was dialing in with the null hostname. > It probably would have given away the whole store if > the transmission hadn't gone bad for line noise reasons. > > --dave yost You do Silicon Graphics a disservice by implying that the bug was introduced by Silicon Graphics. THE BUG IS IN THE *VAX 4.2* UUCICO. I haven't spent the time to find the bug but it is prob- ably matching the first N characters where N is the length of the remote node name, in this case zero. Silicon Graphics uses a basically System V uucp with some bug fixes and enhancements such as ethernet support. The bug will probably show itself for any System V uucico calling 4.2bsd (it doesn't seem to occur if one 4.2 system calls another one). This bug was discovered and our uucico enhanced to abort if the node name is null a few weeks ago. You can wait for the July release or contact SGI for a special tape. I am supplying the fix as well as a fix for the 4.2 end for those with source. System V: *** /tmp/,RCSt1a28763 Fri Jun 21 23:02:48 1985 --- uucpname.c Mon Jun 17 11:40:02 1985 *************** *** 1,4 /* @(#)uucpname.c 1.5 */ #include "uucp.h" #ifdef UNAME --- 1,12 ----- /* @(#)uucpname.c 1.5 */ + static char *Sccsid = "@(#)$Header: /ws/rel/src/usr.bin/uucp/RCS/uucpname.c,v 1.2 85/06/17 11:39:09 bob Exp $"; + /* + * $Log: uucpname.c,v $ + * Revision 1.2 85/06/17 11:39:09 bob + * Fixed to abort if node name is null since otherwise 4.2bsd uucp will + * send every node's mail to the node! + * + */ #include "uucp.h" #ifdef UNAME *************** *** 34,39 while ((*d = *s++) && d < name + SYSNSIZE) d++; *(name + SYSNSIZE) = '\0'; /* the following statements are for debugging */ #ifdef TESTB ret = guinfo(getuid(), loginusr, msg); --- 42,53 ----- while ((*d = *s++) && d < name + SYSNSIZE) d++; *(name + SYSNSIZE) = '\0'; + if (!*name) { + fprintf(stderr, "Node name is empty\n"); + DEBUG(1, "Node name is empty\n", 0); + logent("Node name is empty","uucico aborted"); + exit(3); + } /* the following statements are for debugging */ #ifdef TESTB ret = guinfo(getuid(), loginusr, msg); *************** *** 49,53 break; } #endif - return; } --- 63,66 ----- break; } #endif } 4.2bsd: *** /tmp/,RCSt1023671 Fri Jun 21 23:53:56 1985 --- cico.c Fri Jun 21 23:53:35 1985 *************** *** 1,6 #ifndef lint static char sccsid[] = "@(#)cico.c 5.3 (Berkeley) 10/3/83"; ! static char *Sccsid = "@(#)$Header: cico.c,v 1.3 85/01/07 12:18:03 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.3 85/01/07 12:18:03 bob --- 1,6 ----- #ifndef lint static char sccsid[] = "@(#)cico.c 5.3 (Berkeley) 10/3/83"; ! static char *Sccsid = "@(#)$Header: cico.c,v 1.4 85/06/21 23:52:34 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.4 85/06/21 23:52:34 bob *************** *** 3,8 static char *Sccsid = "@(#)$Header: cico.c,v 1.3 85/01/07 12:18:03 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.3 85/01/07 12:18:03 bob * Installed seismo!rick's lost line fix posted on Usenet. * --- 3,13 ----- static char *Sccsid = "@(#)$Header: cico.c,v 1.4 85/06/21 23:52:34 bob Exp $"; /* # $Log: cico.c,v $ + * Revision 1.4 85/06/21 23:52:34 bob + * Fixed to abort connection if remote node name is empty (so that we won't + * send it all jobs waiting for all systems due to a bug in pattern + * matching deeply buried). + * * Revision 1.3 85/01/07 12:18:03 bob * Installed seismo!rick's lost line fix posted on Usenet. * *************** *** 228,233 p = pskip(q); sprintf(Rmtname, "%.7s", q); DEBUG(4, "sys-%s\n", Rmtname); if (mlock(Rmtname)) { omsg('R', "LCK", Ofn); cleanup(0); --- 233,243 ----- p = pskip(q); sprintf(Rmtname, "%.7s", q); DEBUG(4, "sys-%s\n", Rmtname); + if (!*Rmtname) { + DEBUG(1, "Remote node name is empty\n", 0); + logent("Remote node name is empty","uucico aborted"); + cleanup(0); + } if (mlock(Rmtname)) { omsg('R', "LCK", Ofn); cleanup(0); -- Bob Toxen "Beam us up, Scotty! We found the only intelligent OS." Silicon Graphics {ucbvax,decwrl,ames!vienna,dual,its}!olympus!bob
arnold@ucsfcgl.UUCP (Ken Arnold%CGL) (07/07/85)
The following is being posted for a friend whose machine is currently refusing to post. All responses should be addressed to him, not me (I don't even read this group), at olympus!bob. Ken Arnold ====================START ARTICLE==================== >From postnews Sat Jun 22 00:42:24 1985 >From postnews Sat Jun 22 00:18:09 1985 > A Silicon Graphics workstation called up our > 4.2 vax and started up a uucico. > Funny thing was that the hostname on the SGI machine > was null (""). The vax then proceeded to give it > mail messages destined for at least 2 machines other > than the one that was dialing in with the null hostname. > It probably would have given away the whole store if > the transmission hadn't gone bad for line noise reasons. > > --dave yost You do Silicon Graphics a disservice by implying that the bug was introduced by Silicon Graphics. THE BUG IS IN THE *VAX 4.2* UUCICO. I haven't spent the time to find the bug but it is prob- ably matching the first N characters where N is the length of the remote node name, in this case zero. Silicon Graphics uses a basically System V uucp with some bug fixes and enhancements such as ethernet support. The bug will probably show itself for any System V uucico calling 4.2bsd (it doesn't seem to occur if one 4.2 system calls another one). This bug was discovered and our uucico enhanced to abort if the node name is null a few weeks ago. You can wait for the July release or contact SGI for a special tape. I am supplying the fix as well as a fix for the 4.2 end for those with source. System V: *** /tmp/,RCSt1a28763 Fri Jun 21 23:02:48 1985 --- uucpname.c Mon Jun 17 11:40:02 1985 *************** *** 1,4 /* @(#)uucpname.c 1.5 */ #include "uucp.h" #ifdef UNAME --- 1,12 ----- /* @(#)uucpname.c 1.5 */ + static char *Sccsid = "@(#)$Header: /ws/rel/src/usr.bin/uucp/RCS/uucpname.c,v 1.2 85/06/17 11:39:09 bob Exp $"; + /* + * $Log: uucpname.c,v $ + * Revision 1.2 85/06/17 11:39:09 bob + * Fixed to abort if node name is null since otherwise 4.2bsd uucp will + * send every node's mail to the node! + * + */ #include "uucp.h" #ifdef UNAME *************** *** 34,39 while ((*d = *s++) && d < name + SYSNSIZE) d++; *(name + SYSNSIZE) = '\0'; /* the following statements are for debugging */ #ifdef TESTB ret = guinfo(getuid(), loginusr, msg); --- 42,53 ----- while ((*d = *s++) && d < name + SYSNSIZE) d++; *(name + SYSNSIZE) = '\0'; + if (!*name) { + fprintf(stderr, "Node name is empty\n"); + DEBUG(1, "Node name is empty\n", 0); + logent("Node name is empty","uucico aborted"); + exit(3); + } /* the following statements are for debugging */ #ifdef TESTB ret = guinfo(getuid(), loginusr, msg); *************** *** 49,53 break; } #endif - return; } --- 63,66 ----- break; } #endif } 4.2bsd: *** /tmp/,RCSt1023671 Fri Jun 21 23:53:56 1985 --- cico.c Fri Jun 21 23:53:35 1985 *************** *** 1,6 #ifndef lint static char sccsid[] = "@(#)cico.c 5.3 (Berkeley) 10/3/83"; ! static char *Sccsid = "@(#)$Header: cico.c,v 1.3 85/01/07 12:18:03 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.3 85/01/07 12:18:03 bob --- 1,6 ----- #ifndef lint static char sccsid[] = "@(#)cico.c 5.3 (Berkeley) 10/3/83"; ! static char *Sccsid = "@(#)$Header: cico.c,v 1.4 85/06/21 23:52:34 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.4 85/06/21 23:52:34 bob *************** *** 3,8 static char *Sccsid = "@(#)$Header: cico.c,v 1.3 85/01/07 12:18:03 bob Exp $"; /* # $Log: cico.c,v $ * Revision 1.3 85/01/07 12:18:03 bob * Installed seismo!rick's lost line fix posted on Usenet. * --- 3,13 ----- static char *Sccsid = "@(#)$Header: cico.c,v 1.4 85/06/21 23:52:34 bob Exp $"; /* # $Log: cico.c,v $ + * Revision 1.4 85/06/21 23:52:34 bob + * Fixed to abort connection if remote node name is empty (so that we won't + * send it all jobs waiting for all systems due to a bug in pattern + * matching deeply buried). + * * Revision 1.3 85/01/07 12:18:03 bob * Installed seismo!rick's lost line fix posted on Usenet. * *************** *** 228,233 p = pskip(q); sprintf(Rmtname, "%.7s", q); DEBUG(4, "sys-%s\n", Rmtname); if (mlock(Rmtname)) { omsg('R', "LCK", Ofn); cleanup(0); --- 233,243 ----- p = pskip(q); sprintf(Rmtname, "%.7s", q); DEBUG(4, "sys-%s\n", Rmtname); + if (!*Rmtname) { + DEBUG(1, "Remote node name is empty\n", 0); + logent("Remote node name is empty","uucico aborted"); + cleanup(0); + } if (mlock(Rmtname)) { omsg('R', "LCK", Ofn); cleanup(0); Bob Toxen "Beam us up, Scotty! We found the only intelligent OS." Silicon Graphics {ucbvax,decwrl,ames!vienna,dual,its}!olympus!bob --------------------------- uncut here ---------------------------- Thanks,