Re: [PATCH] use of uninitialized variable fds in main_noinetd()
You may want to see if DROPBEAR_FD_ZERO() is a more appropriate macro to use in this instance (see dbutil.h::93). Regards, Claude Bing On 11/29/19 2:02 PM, Timur R. Mustafin wrote: > Hi. > > I started dropbear application on our e2k platform in specific > "protected mode". Particulary it cheks in runtime for use of > uninitialized variables. So it finds such case in file svr-main.c with > variable fds in main_noinetd(). Patch is very small: > > diff -ruN dropbear-2019.78.orig/svr-main.c dropbear-2019.78/svr-main.c > --- dropbear-2019.78.orig/svr-main.c 2019-03-27 17:15:23.0 +0300 > +++ dropbear-2019.78/svr-main.c 2019-11-13 19:40:36.688398257 +0300 > @@ -143,7 +143,9 @@ > { > dropbear_exit("No listening ports available."); > } > > + /* Initialize fds by zeroes before use */ > + FD_ZERO(); > for (i = 0; i < listensockcount; i++) { > FD_SET(listensocks[i], ); > } >
Fix build issue with svr-chansession.c
When building dropbear with the following configuration options, a compilation error occurs. Note that the most important option in localoptions.h is DROPBEAR_SVR_PUBKEY_AUTH = 0. --- localoptions.h: #define INETD_MODE 0 #define DROPBEAR_X11FWD 0 #define DROPBEAR_CLI_LOCALTCPFWD 0 #define DROPBEAR_CLI_REMOTETCPFWD 0 #define DROPBEAR_SVR_LOCALTCPFWD 0 #define DROPBEAR_SVR_REMOTETCPFWD 0 #define DROPBEAR_SVR_AGENTFWD 0 #define DROPBEAR_CLI_AGENTFWD 0 #define DROPBEAR_CLI_PROXYCMD 0 #define DROPBEAR_CLI_NETCAT 0 #define DROPBEAR_USER_ALGO_LIST 0 #define DROPBEAR_SVR_PUBKEY_AUTH 0 #define MAX_AUTH_TRIES 5 #define DROPBEAR_SFTPSERVER 0 --- Build output: svr-chansession.c: In function ‘sessioncommand’: svr-chansession.c:682: error: ‘struct ChanSess’ has no member named ‘original_command’ --- This is fixed with the attached patch, which adds a missing #if...#endif. -- Regards, Claude Bing --- svr-chansession.c.orig 2018-12-26 12:35:30.838027183 -0500 +++ svr-chansession.c 2018-12-26 12:34:32.194026255 -0500 @@ -679,7 +679,9 @@ /* take global command into account */ if (svr_opts.forced_command) { +#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT chansess->original_command = chansess->cmd ? : m_strdup(""); +#endif chansess->cmd = m_strdup(svr_opts.forced_command); } else { /* take public key option 'command' into account */