Re: Patch: Invalid read while parsing known_hosts
- Subject: Re: Patch: Invalid read while parsing known_hosts
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Sat, 13 Oct 2018 10:22:21 +0200
- To: libssh@xxxxxxxxxx
- Cc: Tilo Eckert <tilo.eckert@xxxxxxx>
On Friday, October 12, 2018 3:53:32 PM CEST Tilo Eckert wrote:
> Hi,

Hi Tilo,

> two patches are attached.
>
> The first one fixes an invalid read when parsing lines from the
> known_hosts file, which was introduced by commit 21962d. The bug causes
> host keys sent by the server to be randomly rejected. For the average
> known_hosts line, the tokens array in ssh_get_knownhost_line() contains
> four tokens, with tokens[3]=NULL. However, tokens[4] is accessed for
> token validation, which is beyond the end of the tokens array, resulting
> in valid host lines being dropped randomly.
>
> The patch completely removes the related check because the optional
> comment field may contain whitespace which would result in an arbitrary
> number of tokens. Hence, token count >= 3 implies a correctly formatted
> known_hosts line.

thanks. You should use the *new* API for known_hosts :-) I will mark the old
API as deprecated in master.

>
> The other patch fixes a type re-declaration issue which causes errors on
> some compilers.

I will push to master and stable-0.8 as soon as it passes CI.

Andreas
Patch: Invalid read while parsing known_hosts | Tilo Eckert <tilo.eckert@xxxxxxx> |
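
The bounds issue described in the quoted report, as an added example that is not part of the original thread and is not libssh code: a tokenizer that writes a NULL-terminated array, and a validity check that consults only the token count, so comment words can add any number of tokens without an index past the terminator ever being read. The names `split_line`, `known_hosts_token_count`, `known_hosts_line_ok`, the `MAX_TOKENS` limit and the sample line are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TOKENS 16 /* constructed limit for this sketch */

/* Split buf in place on whitespace. Stores at most MAX_TOKENS pointers and
 * always writes a NULL terminator at tokens[count]. Returns count. */
static size_t split_line(char *buf, char *tokens[MAX_TOKENS + 1])
{
    const char *ws = " \t\r\n";
    size_t n = 0;
    char *p = buf + strspn(buf, ws);      /* skip leading whitespace */
    while (*p != '\0' && n < MAX_TOKENS) {
        tokens[n++] = p;
        p += strcspn(p, ws);              /* advance to the end of this token */
        if (*p != '\0') *p++ = '\0';      /* terminate it in place */
        p += strspn(p, ws);               /* skip the separator run */
    }
    tokens[n] = NULL;                     /* last valid index is n, never n + 1 */
    return n;
}

/* Number of whitespace-separated tokens in line (capped at MAX_TOKENS);
 * 0 if the line does not fit the local buffer. */
size_t known_hosts_token_count(const char *line)
{
    char buf[1024];
    char *tokens[MAX_TOKENS + 1];
    size_t len = strlen(line);
    if (len >= sizeof(buf)) return 0;
    memcpy(buf, line, len + 1);
    return split_line(buf, tokens);
}

/* Host, key type and key must be present; any further tokens are comment
 * words. Only the count is consulted, so nothing past the terminator is read. */
int known_hosts_line_ok(const char *line)
{
    return known_hosts_token_count(line) >= 3;
}

int main(void)
{
    /* Constructed sample line, not a real host key. */
    const char *l = "host.example ssh-ed25519 AAAAconstructed added by hand";
    printf("%zu tokens, ok=%d\n", known_hosts_token_count(l), known_hosts_line_ok(l));
    return 0;
}
```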