[Bug 2207] Potential NULL deference, found using coverity
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Mar 4 08:27:38 EST 2014
https://bugzilla.mindrot.org/show_bug.cgi?id=2207
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Severity|security |trivial
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
We don't normally mark crashers as security bugs unless they take down
the master sshd process.
That being said, there is no NULL dereference here anyway. See the
"kdfname == NULL"
You are right about the logic error in testing the KDF name, but the
impact of this is failure to read keys that have a KDF that is other
than 'bcrypt' or 'none', which we would not be able to do anyway.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list