[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch: Invalid read while parsing known_hosts


On Friday, October 12, 2018 3:53:32 PM CEST Tilo Eckert wrote:
> Hi,

Hi Tilo,
 
> two patches are attached.
> 
> The first one fixes an invalid read when parsing lines from the
> known_hosts file, which was introduced by commit 21962d. The bug causes
> host keys sent by the server to be randomly rejected. For the average
> known_hosts line, the tokens array in ssh_get_knownhost_line() contains
> four tokens, with tokens[3]=NULL. However, tokens[4] is accessed for
> token validation, which is beyond the end of the tokens array, resulting
> in valid host lines being dropped randomly.
> 
> The patch completely removes the related check because the optional
> comment field may contain whitespace which would result in an arbitrary
> number of tokens. Hence, token count >= 3 implies a correctly formatted
> known_hosts line.

thanks. You should use the *new* API for known_hosts :-) I will mark the old 
API as deprecated in master.

> 
> The other patch fixes a type re-declaration issue which causes errors on
> some compilers.

I will push to master and stable-0.8 as soon as it passes CI.


	Andreas




References:
Patch: Invalid read while parsing known_hostsTilo Eckert <tilo.eckert@xxxxxxx>
Archive administrator: postmaster@lists.cynapses.org