[Bug 2773] New: Potential segfault from ssh_remote_ipaddr()

bugzilla-daemon at bugzilla.mindrot.org
Mon Sep 4 21:00:29 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2773

            Bug ID: 2773
           Summary: Potential segfault from ssh_remote_ipaddr()
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

Created attachment 3050
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3050&action=edit
do not dereference NULL pointer before checking its validity

The function ssh_remote_ipaddr() dereferences the ssh->state pointer
before checking that it is not NULL.

This function is probably not called with closed connections in
upstream OpenSSH, but we are attaching audit messages explaining
reasons for failures, and they can be used after the connection has
been closed, so we can see segfaults on some occasions.

For more information and debugging, see the RH bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1488083



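The ordering problem described in the report, as an added example that is not part of the original message or the attached patch. `struct session_state`, the reduced `struct ssh`, the function names and the "UNKNOWN" fallback are simplified assumptions, not OpenSSH's code.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified stand-ins for OpenSSH's structures. */
struct session_state { int connection_in; };
struct ssh {
	struct session_state *state;  /* modelled as NULL after teardown */
	const char *remote_ipaddr;    /* cached peer address */
};

/* Pattern from the report: the initialiser dereferences ssh->state, so the
 * test below cannot protect it; the compiler may even drop the test, since
 * a NULL pointer there would already be undefined behaviour. */
const char *remote_ipaddr_unchecked(struct ssh *ssh)
{
	const int sock = ssh->state->connection_in;

	if (ssh == NULL || ssh->state == NULL)   /* too late */
		return "UNKNOWN";
	return (sock >= 0 && ssh->remote_ipaddr) ? ssh->remote_ipaddr : "UNKNOWN";
}

/* Corrected ordering: validate first, dereference afterwards. */
const char *remote_ipaddr_checked(struct ssh *ssh)
{
	int sock;

	if (ssh == NULL || ssh->state == NULL)
		return "UNKNOWN";
	sock = ssh->state->connection_in;
	return (sock >= 0 && ssh->remote_ipaddr) ? ssh->remote_ipaddr : "UNKNOWN";
}

/* Models an audit record written after the connection is gone. */
int audit_failure(struct ssh *ssh, char *buf, size_t len)
{
	return snprintf(buf, len, "failure from %s", remote_ipaddr_checked(ssh));
}

int main(void)
{
	struct session_state st = { 3 };
	struct ssh live = { &st, "192.0.2.10" };      /* constructed sample */
	struct ssh closed = { NULL, "192.0.2.10" };   /* modelled closed connection */
	char buf[64];
	audit_failure(&live, buf, sizeof buf);   puts(buf);
	audit_failure(&closed, buf, sizeof buf); puts(buf);
	return 0;
}
```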