Flash (Alert)
Abstract
The PTFs for APAR PM59618 add a new restriction that can affect systems or vendor products that provide the FTCHKCMD. FTPOSTPR, or FTCHKJES exit routines. The fix that the APAR provides is to ensure that any changes made to the supplied scratch pad area before the USER and PASS commands are processed (before switching to the user's authority) would still be available in subsequent invocations of these exits. However, no control blocks created in the address space (private storage) by these exits will be carried across that authority switch, so any pointers to those areas that are stored in the scratch pad will be unusable (attempts to reference those addresses will have unpredictable results, likely a storage violation exception (S0C4)).
Content
Update the affected exit routines to either:
- Not create any such data areas until after the server has switched to the session's userid.
- Recognize when a userid switch will be performed and remove any pointers to private memory areas that are in the scratch pad.
Note: Neither of these actions will result in a loss of function that had been performed without the PTF. Any data areas created before the userid switch were always deleted, before the PTF this also included the scratch pad. - Allocate the data areas in common storage, if you are certain that these exits will only be used on systems with the PTFs applied.
Note: Be sure to use a system key (0-7) for any such areas. If sensitive information is stored in these control blocks, a fetch protected subpool (such as 231) should also be used.
Related information
FTP Server Exit Routines
PM59618
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.