Weird problems on solaris 7 & 8
Justin Hahn
jeh at profitlogic.com
Sat Feb 23 05:51:56 EST 2002
I'm seeing some extremely odd behavior with Solaris. I have a suspicion
it's me, but here's the story and maybe someone can suggest an avenue of
investigation. This seems to be happening with any release of openssh
since at least 2.5.2p1.
1) Problem #1: If SSH protocol 1 is enabled then sshd segfaults right
off. This turns out to be because the call to arc4random_stir is
corrupting memory and making sensitive_data.server_key non NULL. When
key_free is then called on its UNALLOCATED storage, you get a pretty
seg fault.
2) Problem #3: snprintf doesn't like the %.100s specifier. For some
reason 00s gets printed, and all the arguments get shifted. This breaks
all sorts of things in all sorts of horrible ways. Some basic
experimentation seems to indicate that if I take the .100 bit out and
just leave %s behind that things will work. This is obviously the wrong
fix. Note that this happens regardless of whether BROKEN_SNPRINTF is
defined or not. (It isn't by default, but adding it to the top of
bsd-snprintf.c and recompiling doesn't seem to help any.)
Any ideas?
--jeh
(Note I'm not subscribed, so please cc: me. Thanks!)
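For readers following the second problem, here is an added example (not from the post or from OpenSSH's sources) showing what a correct snprintf does with a `%.Ns` precision and a small runtime probe that detects a libc which misparses it; the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* A correct snprintf treats "%.100s" as "store at most 100 bytes of this
 * string argument" and then picks up the next argument normally. The
 * report above describes an implementation that misread the precision
 * and shifted every following argument. The probes below are
 * hypothetical helpers (not OpenSSH's configure checks) that show the
 * expected behaviour and detect a libc that does not provide it. */

/* Returns 1 if precision on %s is honoured and the next argument still
 * lines up, 0 otherwise. "%.3s|%d" on ("abcdef", 42) must give "abc|42". */
int snprintf_precision_ok(void)
{
    char buf[64];
    int n = snprintf(buf, sizeof buf, "%.3s|%d", "abcdef", 42);
    return n == 6 && strcmp(buf, "abc|42") == 0;
}

/* Formats a constructed 200-byte string with "%.100s" and returns the
 * number of bytes actually stored; a correct libc stores exactly 100. */
int capped_length_of_long_input(void)
{
    char input[201];
    char out[256];

    memset(input, 'A', 200);      /* constructed sample input */
    input[200] = '\0';
    snprintf(out, sizeof out, "%.100s", input);
    return (int)strlen(out);
}

int main(void)
{
    printf("precision honoured: %s\n", snprintf_precision_ok() ? "yes" : "no");
    printf("bytes stored for %%.100s of 200-byte input: %d\n",
           capped_length_of_long_input());
    return snprintf_precision_ok() ? 0 : 1;
}
```

A non-zero exit status from this program on a given platform is the signal that OpenSSH's bundled bsd-snprintf.c replacement is needed there.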