[Pkg-shadow-devel] login assertion on invalid input
christian.casteyde at free.fr
christian.casteyde at free.fr
Thu Jul 14 15:14:20 UTC 2011
Hello,
Under high load I managed to type too quickly and entered an invalid
input at login prompt on my system. That was a command with a pipe, which
triggers an assertion in login, causing it to crash:
login: dmesg | less
login: loginprompt.c:164: loginprompt: Assertion `wlen == (int) len -1' failed
This may be interesting to check, just to see if this kind of input
cannot be used to get unauthorized access.
My kernel uses UTF-8. My system is Slackware64 13.37, which uses util-
linux 2.19.
Regards,
C. Casteyde
More information about the Pkg-shadow-devel
mailing list