On Thursday, October 17, 2002, at 10:35 AM, Ben Collins wrote:
No, sshd should be checking the validity of the data that is returned to
it.
If a program makes a correct library call to glibc, and glibc returns a result code that indicates success, and yet returns data the contradicts the relevant documentation, standards, etc. How is that a bug in the program making the library call?
This seems either a bug in glibc or the 2.2 kernels. Saying its in the client program seems rather far fetched.