[Bug 809] ssh-keyscan breaks too obscurely when remote isn't an SSH server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Mar 8 09:00:47 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=809

           Summary: ssh-keyscan breaks too obscurely when remote isn't an
                    SSH server
           Product: Portable OpenSSH
           Version: 3.8p1
          Platform: All
               URL: http://bugs.debian.org/228828
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Miscellaneous
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: cjwatson at debian.org


When you ask ssh-keyscan to scan something that isn't an SSH server, it
sometimes fatals before scanning the rest of the list, rather than printing a
debug message and continuing as it's supposed to. This appears to be because
remote_major and remote_minor aren't initialized in congreet(), so if the
sscanf() for the SSH version banner fails then they just contain whatever
happens to be on the stack.

A patch will follow in a moment.

------- Additional Comments From cjwatson at debian.org  2004-03-07 23:52 -------
Created an attachment (id=570)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=570&action=view)
Initialize remote_major and remote_minor for each connection




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list