[Bug 1092] get_remote_hostname() potentially passing uninitialised buffer to debug

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Sep 26 15:15:25 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=1092

           Summary: get_remote_hostname() potentially passing uninitialised
                    buffer to debug
           Product: Portable OpenSSH
           Version: 4.2p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: ssh
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: dleonard at vintela.com


get_remote_hostname() calls check_ip_options(..., ntop)
but, at that point, ntop is an uninitialised auto.
check_ip_options(, ipaddr) then calls logit("...%.100s..", ipaddr)
which will log some binary garbage.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list