Pavel Roskin writes: > > I run "cvs server" from the command line (I tried Linux console and rxvt - > same result), then I press Ctrl-C and Ctrl-D. > > This message is printed continuously: > > cvs: buffer.c:1384: stdio_buffer_shutdown: Assertion `fstat ( fileno > (bc->fp), &s ) != -1' failed. > > I can only kill cvs by the "KILL" signal.
That's been reported before -- it's a bug in the cleanup code that results in an infinite loop (the assertion failure in the cleanup code results in the cleanup code being called again ad infinitum). > I cannot reproduce this bug over ssh (OpenSSH_3.4p1) - cvs terminates on > Ctrl-C. However, I cannot exclude the possibility that this bug can be > exploited to execute random commands on a server that only allows the user > to execute "cvs server". It's a simple infinite loop, not a buffer overflow or anything else exploitable. -Larry Jones I obey the letter of the law, if not the spirit. -- Calvin _______________________________________________ Bug-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-cvs
