[Bug 3579] New: OpenSSH trims last character of fixed-lenght buffers received from the pkcs11 providers providing users with inaccurate information

Thu Jun 15 00:13:25 AEST 2023

https://bugzilla.mindrot.org/show_bug.cgi?id=3579

            Bug ID: 3579
           Summary: OpenSSH trims last character of fixed-lenght buffers
                    received from the pkcs11 providers providing users
                    with inaccurate information
           Product: Portable OpenSSH
           Version: 9.3p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Smartcard
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

The rmspace() function is removing last character from the fixed-length
buffers to make sure they are safe for handling with standard functions
such as printf and null terminated. But this is problematic when the
buffer is full, which is common for serial number.

Right now, these buffers are not used for anything else than debug
information and PIN prompt so it should be safe not to remove the last
character and use printfs()'s precision modifier to make sure we do not
go over the buffer limits.

https://github.com/openssh/openssh-portable/pull/406

-- 
You are receiving this mail because:
You are watching the assignee of the bug.