3.4p1: 'buffer_append_space: alloc 10506240 not supported'

Thomas Quinot thomas at cuivre.fr.eu.org
Wed Jul 3 07:04:50 EST 2002


On 2002-07-02, Mihnea-Costin Grigore wrote:

> I think this is the same problem that I encountered and wrote about
> in the message from July 1st ("Memory allocation gone awry with OpenSSH
> 3.(3,4)p1")... It is the same pattern:

Hum, that might well be. I have added some debugging messages (patch
attached) and there is something *very* weird going on with that call to
inflate(): it seems to produce endless output while not consuming any
input at all:

debug1: PRE inc_stream.in: 4001d4ee 16
debug1: PRE inc_stream.out: 7b03aca0 4096
debug1: POST inc_stream.in: 4001d4ee 16
debug1: POST inc_stream.out: 7b03bca0 0
[repeated ad lib]

so either we pass incorrect data to inflate(), or there is a plain bug
in zlib that went undiscovered so far...

*** dist/openssh-3.4p1/compress.c	Fri Mar 22 02:51:25 2002
--- openssh-3.4p1/compress.c	Tue Jul  2 22:57:13 2002
***************
*** 138,144 ****
--- 138,154 ----
  		incoming_stream.next_out = buf;
  		incoming_stream.avail_out = sizeof(buf);
  
+ 		debug ("PRE inc_stream.in: %p %d", incoming_stream.next_in,
+ 			incoming_stream.avail_in);
+ 		debug ("PRE inc_stream.out: %p %d", incoming_stream.next_out,
+ 			incoming_stream.avail_out);
+ 
  		status = inflate(&incoming_stream, Z_PARTIAL_FLUSH);
+ 		debug ("POST inc_stream.in: %p %d", incoming_stream.next_in,
+ 			incoming_stream.avail_in);
+ 		debug ("POST inc_stream.out: %p %d", incoming_stream.next_out,
+ 			incoming_stream.avail_out);
+ 
  		switch (status) {
  		case Z_OK:
  			buffer_append(output_buffer, buf,
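Review bot: the POST debug() calls placed right after inflate() do not log `status`, which is the one value that would show whether zlib reported Z_OK, Z_BUF_ERROR or a data error on a pass where next_in does not move; add it to the first POST line. In all four calls, `%d` is used for avail_in and avail_out, which zlib declares as unsigned (uInt), so `%u` is the matching conversion, and the next_in/next_out pointers passed to `%p` should be cast to `(void *)`. It would also help to print total_in and total_out here, so the log shows how much output has accumulated for the 16 input bytes that never get consumed.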

-- 
    Thomas.Quinot at Cuivre.FR.EU.ORG



More information about the openssh-unix-dev mailing list