[Bug 2619] New: infinite loop, 100% cpu use in ssh if ^Z is pressed at password prompt
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Tue Sep 27 21:27:59 AEST 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2619
Bug ID: 2619
Summary: infinite loop, 100% cpu use in ssh if ^Z is pressed at
password prompt
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Steps to reproduce:
1. either change or create a test login with /bin/sh as
login shell (should work regarding shell)
2. "ssh user at localhost" and login
3. "sftp user at localhost" and press ^Z in the password
prompt
A few times it will work. It depends a bit on what code
is being executed in the readpassphrase function, at
openbsd-compat/readpassphrase.c in the openssh code.
It has been verified that exec'ing again /bin/sh with
--posix before running sftp, or exporting the environment
variable POSIXLY_CORRECT before the "ssh user at localhost"
step prevents the problem.
So, while the problem appears to be kind of expected, it
is being reported in case it was not meant to happen.
Originally reported in Red Hat bugzilla [1]. This is rare race
condition, where we stuck in the code openbsd-compat/readpassphrase.c:
while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
errno == EINTR)
continue;
but it should not happen. The possible solution would be to check the
signal received in the handler, but I am not sure about most
appropriate fallback when the above fails.
More verbose analysis is in the above mentioned bug.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1218424
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list