OpenSSH, sftp problems
Chris Adams
cmadams at hiwaay.net
Fri Jun 1 01:26:22 EST 2001
Once upon a time, George Dimitoglou <george at esa.nascom.nasa.gov> said:
> We are in a Tru64 4.0F environment, running C2 security and TCP
> Wrappers.
>
> We are using OpenSSH_2.5.1p2
> OpenSSL 0.9.5 28 Feb 2000
> Zlib 1.1.3
>
> for remote sessions and all works ok with ssh but we have many problems
> with sftp.
>
> Namely, the session ends when a user issues an 'ls' command during a
> sftp session. The following debug output may give someone a hint.
It is fixed in OpenSSH 2.9p1.
The problem is that sftp-server.c uses an "ll" modifier in snprintf when
printing a 64 bit integer. On 32 bit platforms, "long long" is used for
that type, which needs "ll". On 64 bit platforms (like Alpha), a 64 bit
type is just a "long" and only needs "l". Tru64 doesn't understand "ll"
and segfaults when it sees it (it actually could be used as a security
hole I believe).
OpenSSH 2.9p1 tests the library snprintf to see that it accepts "ll" and
uses its own version if "ll" doesn't work.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the openssh-unix-dev
mailing list