Hello
I have few questions about openssh...
1/ there is probably bug in auth-password.c in auth_password function
if (pw->pw_uid == 0 && options.permit_root_login == 2)
return 0;
if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
/* deny if no user. */
if (pw == NULL) <----------- this should be first checked ....
return 0;
2/ do I have to always read whole packed ? In example: I send packet with
int and string
as a data. Can I forget about reading string when I don't need it or there
is a possibility
of memory fragmentation ?
-
Waldemar Thiel (wth@id.pl)
I have few questions about openssh...
1/ there is probably bug in auth-password.c in auth_password function
if (pw->pw_uid == 0 && options.permit_root_login == 2)
return 0;
if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
/* deny if no user. */
if (pw == NULL) <----------- this should be first checked ....
return 0;
2/ do I have to always read whole packed ? In example: I send packet with
int and string
as a data. Can I forget about reading string when I don't need it or there
is a possibility
of memory fragmentation ?
-
Waldemar Thiel (wth@id.pl)