OpenSSH 3.2.2p1 sshd: fatal: xfree: NULL pointer given as argument

Phil Howard phil-openssh-unix-dev at ipal.net
Tue May 21 21:16:52 EST 2002


On Tue, May 21, 2002 at 12:35:02PM +0200, Markus Friedl wrote:

| could you please print out b.buf after buffer_init and before buffer_free ?

I already got further than that for some off-list conversation and found
that the pointers/values in the Buffer b struct were all made 0 at the call
to EVP_DigestFinal().  I then found another symptom which was that ssh-keygen
was segfaulting.  Things were pointing at libcrypto so I grabbed the 0.9.6c
source, upgraded that, and recompiled 3.2.2p1 and now it all works like a
charm.  It seems to be a problem with the openssl that came in Slackware or
that I had previously compiled (unfortunately, I don't recall at the moment
whether my prior compile of openssl was before or after I upgraded Slackware
to version 8.0).

| >         EVP_DigestFinal(&md, digest, NULL);

It changed in the above call (I had diagnostics inserted at every line in
the kexgex_hash() function), which really makes no sense at all since it
was not being given Buffer b at all.  But given some other weirdnesses I
started just generally suspecting a bad library image.

I'm also suspecting the executable was linked against libcrypto 0.9.6a
or 0.9.6b and then used with 0.9.6c.  I forgot to check the version of
libcrypto before I recompiled openssl on the build system.

-- 
-----------------------------------------------------------------
| Phil Howard - KA9WGN |   Dallas   | http://linuxhomepage.com/ |
| phil-nospam at ipal.net | Texas, USA | http://phil.ipal.org/     |
-----------------------------------------------------------------
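
A start-up check for the build/run-time libcrypto mismatch suspected in the message above, as an added example that is not part of the original message and not OpenSSH's own code. The function name check_libcrypto, the exact-match policy and the sample version values (built from OpenSSL's 0xMNNFFPPS encoding) are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* OpenSSL packs its version as 0xMNNFFPPS: major, minor, fix,
 * patch letter (1 = 'a') and status (0xf = release). */
static void format_ver(unsigned long v, char *out, size_t len)
{
    unsigned minor = (unsigned)((v >> 20) & 0xff);
    unsigned fix   = (unsigned)((v >> 12) & 0xff);
    unsigned patch = (unsigned)((v >> 4) & 0xff);
    char letter[2] = { 0, 0 };

    if (patch >= 1 && patch <= 26)
        letter[0] = (char)('a' + patch - 1);
    snprintf(out, len, "%u.%u.%u%s", (unsigned)((v >> 28) & 0xf), minor, fix, letter);
}

/* Returns 0 if header and library versions are identical, -1 otherwise
 * (msg then names both). Exact-match policy is an assumption of this example. */
int check_libcrypto(unsigned long built, unsigned long running,
                    char *msg, size_t len)
{
    char b[32], r[32];

    msg[0] = '\0';
    if (built == running)
        return 0;
    format_ver(built, b, sizeof b);
    format_ver(running, r, sizeof r);
    snprintf(msg, len, "libcrypto mismatch: built against %s, running %s", b, r);
    return -1;
}

int main(void)
{
    /* Constructed values: 0.9.6b headers, 0.9.6c shared library.
     * A real program would pass OPENSSL_VERSION_NUMBER and SSLeay()
     * (OpenSSL_version_num() from OpenSSL 1.1.0 on). */
    char msg[128];

    if (check_libcrypto(0x0090602fUL, 0x0090603fUL, msg, sizeof msg) != 0) {
        fprintf(stderr, "%s\n", msg);
        return 1;
    }
    return 0;
}
```

Run before any EVP_* call, a check like this turns a silent struct-layout disagreement into an explicit refusal to start.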


