I see a few problems with the source code at this point.
Line 231: sizeof (rootpass) on my computer is 4. This is
always going to be less than strlen(pw->pw_passwd) So this
if statement is redundant. I think this was perhaps meant
to say strlen (rootpass)
However: rootpass is uninitialized if !HAVE_GETSPNAM &&
CHECKROOT so strlen would not work.
Also: even if strlen(pw->pw_passwd) >= sizeof (rootpass) &&
strlen(pw->pw_passwd) >= strlen (rootpass), the code then
goes on to replace rootpass with enough space to complete
the strcpy unconditionally
P.S. there is no check to see whether or not the alloca
(line 236) has failed.
Could CHECKROOT be turned off in the binary rpm until this
problem is somehow otherwise resolved?
ypserv-22.214.171.124-1.i386.rpm would segfault with yp-tools-2.2-1 (after
sucessfully changing the password). However, it seems to work with
This problem that I was experiencing was happening in combination with
Thorsten Kukuk <firstname.lastname@example.org> wrote me back and said that, indeed,
removing that bizarre if statement was the correct patch. 1.3.36
(which is newer than 126.96.36.199) has this fix incorporated.
i misunderstood mr kukuk. 1.3.36 is the latest stable released
version, not the latest version. 188.8.131.52 is indeed the latest
version, and I guess he has that patch applied in some local
sourcetree of his:
"No, it is fixed in my sourcetree. I only need patches
for the other things in the TODO file."
I believe this problem is fixed in ypserv-184.108.40.206-3. Please reopen
this bug if I'm mistaken.