===========================================================================
[8lgm]-Advisory-26.UNIX.rdist.20-3-1996
July 1 1996:
Advisory released.
Jul 11 1996:
Patch for Solaris 2.5 (SunOS 5.5) received for testing.
The following is a trace from a Solaris 2.5 machine, using
the same test as described in the advisory.
-------------------------------------------------------------------
libC/Inside Shared Library Tracing. V1.0.1 (Solaris 2.5).
Copyright (C) 1996, Electris Software Limited, All Rights Reserved.
Tracing started Sat Jul 13 12:29:53 1996
Pid is 18999
Log file is /tmp/Inside.18999.1
Log file descriptor is 3
File descriptors open: 0, 1, 2
uid=2(bin) gid=2(bin) euid=0(root) groups=2(bin),3(sys)
Program is rdist
_start+0x30->atexit(call_fini)
return(0)
_start+0x3c->atexit(_fini)
return(0)
main+0x28->getuid()
return(2)
main+0x30->seteuid(2)
return(0)
main+0x58->getuid()
return(2)
main+0x60->getpwuid(2)
return((pw_name="bin", pw_passwd="x", pw_uid=2, pw_gid=2, pw_age="",\
pw_comment="", pw_gecos="", pw_dir="/usr/bin", pw_shell=""))
main+0xa4->strcpy(user, "bin")
return(user)
main+0xb8->strcpy(homedir, "/usr/bin")
return(homedir)
main+0xc8->gethostname(host, 32)
return(0)
(Arg 0 = "electris")
main+0x104->strcmp("-d", "-Server")
return(17)
define+0x30->strchr("TestString", '=')
return((null))
lookup+0x118->malloc(16)
return(0x34030)
main+0x104->strcmp("-d", "-Server")
return(17)
define+0x30->strchr("TestString", '=')
return((null))
lookup+0x84->strcmp("TestString", "TestString")
return(0)
lookup+0xc8->sprintf(0xeffffb20, "%.200s redefined", "TestString")
return(20)
(Arg 0 = "TestString redefined")
yyerror+0x1c->fflush(stdout)
return(0)
lookup+0xd0->fprintf(stderr, "rdist: line %d: %s\n", 1,\
"TestString redefined")
return(36)
main+0x43c->mktemp("/tmp/rdistXXXXXX")
return("/tmp/rdista004cr")
main+0x4d0->fopen("distfile", "r")
return((null))
main+0x4f4->fopen("Distfile", "r")
return((null))
main+0x558->perror("distfile")
return()
main+0x560->exit(1)
-------------------------------------------------------------------
At lookup+0xc8, the patched rdist formats the message with %.200s in
place of %s. The precision caps the identifier copied into the message
buffer at 200 characters, however long the user-supplied string is.
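The effect of that one-character change, as an added illustration that is
not part of the advisory or of rdist's source: the message buffer size
(256) and the 1000-byte identifier are constructed for this example, and
the unpatched length is measured with snprintf rather than by overrunning
anything.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size of lookup()'s stack message buffer; the real figure is
   not given in the advisory. */
#define MSGBUF 256

/* Bytes the original "%s redefined" sprintf would write for NAME,
   measured with snprintf(NULL, 0, ...) so no buffer is touched. */
size_t unpatched_len(const char *name)
{
    return (size_t)snprintf(NULL, 0, "%s redefined", name);
}

/* 1 if the unpatched format would overrun a MSGBUF-byte buffer. */
int unpatched_overflows(const char *name)
{
    return unpatched_len(name) + 1 > MSGBUF;   /* +1 for the NUL */
}

/* The patched form: the .200 precision caps the copied identifier at
   200 bytes, so the message is at most 200 + strlen(" redefined"). */
int patched_redefined(char *buf, size_t bufsz, const char *name)
{
    if (bufsz < 200 + sizeof(" redefined"))    /* 211 including NUL */
        return -1;
    return sprintf(buf, "%.200s redefined", name);
}

/* Constructed sample: a 1000-byte identifier, far beyond MSGBUF. */
const char *long_name(void)
{
    static char name[1001];
    memset(name, 'A', 1000);
    name[1000] = '\0';
    return name;
}

int main(void)
{
    char buf[MSGBUF];
    const char *name = long_name();
    printf("unpatched would write %zu bytes into %d: %s\n",
           unpatched_len(name), MSGBUF,
           unpatched_overflows(name) ? "overflow" : "fits");
    int n = patched_redefined(buf, sizeof buf, name);
    printf("patched wrote %d bytes, tail \"%s\"\n", n, buf + 200);
    return 0;
}
```

The fix relies on the literal 200 staying smaller than the buffer; a
bounded snprintf(buf, sizeof buf, ...) would tie the limit to the buffer
itself.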
===========================================================================