steve@tellab3.UUCP (Steve Harpster) (05/31/84)
The following is a bug I discovered yesterday which caused our uuxqt to die. I am reletively new to the net so if this bug has been already hashed out, I apologize. Subject: Uuxqt hangs Index: usr.bin/uucp/uuxqt.c 4.2BSD Description: Uuxqt dies with an ASSERT XQTDIR ERROR when an execute file has a name greater than 14 characters. When in debug mode, the full pathname of the execute file shown is garbage. Repeat-By: uux host!cmd very_long_filename Fix: The problem is in mvxfiles() in the file uuxqt.c. This is where the execute files are moved into XQTDIR. Notice that the line if (sscanf(&buf[1], "%s%s", ffile, tfile) < 2) doesn't restrict the length of ffile or tfile. Tfile is declared to be a character array of length NAMESIZE (== 15). This is fine on older versions of Unix where the maximum name of a file was guaranteed to be less than or equal to 14; however, in 4.2bsd, filenames can be up to 255 (see MAXNAMLEN in dir(5)). This results in blowing out the array tfile thereby corrupting tfull (which holds the full pathname of the execute file. My fix was to simply change the define NAMESIZE in uucp.h from 15 to 255. I suppose you should also up MAXFULLNAME which is currently set to 250 but that really seems ok for now (at least for us).