openssh-1.2.2 bug/patch

Bob Manson manson at ricochet.net
Mon Mar 6 17:19:52 EST 2000


sshd can free a buffer twice in some circumstances; here's a patch.
(causes sshd to crash under linux; a similar fix is probably needed
for the pam code, btw)

--- sshd.c~	Tue Jan 25 16:07:22 2000
+++ sshd.c	Sun Mar  5 22:14:40 2000
@@ -1525,7 +1525,10 @@
 		}
 
 		if (client_user != NULL)
+		  {
 			xfree(client_user);
+			client_user = NULL;
+		  }
 
 		if (attempt > AUTH_FAIL_MAX)
 			packet_disconnect(AUTH_FAIL_MSG, pw->pw_name);





More information about the openssh-unix-dev mailing list