[Bug 1085] Intermittent ssh core dumps

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Oct 3 20:36:05 EST 2006


http://bugzilla.mindrot.org/show_bug.cgi?id=1085





------- Comment #13 from dtucker at zip.com.au  2006-10-03 20:36 -------
I'm now pretty sure this an OpenSSL bug.  I helped someone else with a
crash in the same place (DH GEX) and was able to reproduce it.  It was
a caused by a problem in UltraSPARC assembler implementation of
bn_sub_words().  Since it's in the assembler code, building OpenSSL
with "no-asm" will not exhibit the problem.

This is from OpenSSL's CVS log:

[quote]
revision 1.5
date: 2005/11/15 08:02:10;  author: appro;  state: Exp;  lines: +12 -0
Apply "better safe than sorry" approach after addressing sporadic SEGV
in
bn_sub_words to the rest of the sparcv8plus.S.
----------------------------
revision 1.4
date: 2005/11/11 20:07:07;  author: appro;  state: Exp;  lines: +2 -2
Attempt to resolve sporadic SEGV crashes in bn_sub_words in OpenSSH.
I'm
baffled why it crashes and does it sporadically...
[/quote]

(according to OpenSSL's CVS, this patch is in OpenSSL >= 0.9.7j and >=
0.9.8b).

I replaced only that file in openssl-0.9.8a, rebuilt everything and was
no longer reproduce the problem.  I recommend that you upgrade to
OpenSSL 0.9.8d (or the latest 0.9.7) and rebuild OpenSSH (if you
haven't already).

It took a while, but I think we can now close this bug :-)




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-bugs mailing list