possible bug in HDB uucp?

[Daniel R. Levy]

In article <1033 at vsi.COM>, friedl at vsi.COM (Stephen J. Friedl) writes:
< In article <1025 at vsi.COM>, friedl at vsi.COM (Stephen J. Friedl) writes:
< > [summary] HDB on a 3B2/400, Sys V Rel 3.1.  In the Systems
< > file, a password containing a % is expanded as in printf,
< > so "%foobar" ---> "0.00000oobar".
< In article <116 at attibr.UUCP>, vch at attibr.UUCP (Vincent C. Hatem) writes:
< > Very strange... the source code uses write(2) to send the string to the
< > remote host.
< The expansion I'm seeing is in the -x9 *debug* output, and I
< guess I didn't check to see if it were going to the other end
< that way.
< In any case, the remote login worked fine if I went at it with
< cu, but no combination of % or %% or \% in the password field would
< make it work via uucico.

I partially verified this (on the 3B2 running SVR3); as root, I Uutry'd a
system which had a "%g" embedded in its password and it was similarly "printf-
expanded" in the debug output.  However, the remote apparently received the
correct password, as the login succeeded and the machines began to converse.

I pored over the HDB source on another machine (which has an earlier version of
conn.c, i.e., 1.16, versus 2.9 according to "what" on the binary which was
supplied with my 3B2) and this phenomenon appears to be impossible!  As V.
Hatem pointed out, write() is used to send the data to the remote host.  This
is done one character at a time.  Also, the debug output is written one
character at a time.  fprintf(stderr...) is used, but always a proper format
is supplied (through the CDEBUG macro) for the second argument.

Doo doo doo doo, Doo doo doo doo, ...
-- 
Daniel R. Levy             UNIX(R) mail:  att!ttbcad!levy
AT&T Bell Laboratories
5555 West Touhy Avenue     Any opinions expressed in the message above are
Skokie, Illinois  60077    mine, and not necessarily AT&T's.