[Bug 519] parsing bug in host.allow element of login.conf(5)

bugzilla-daemon at mindrot.org
Tue Mar 25 11:36:36 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=519

           Summary: parsing bug in host.allow element of login.conf(5)
           Product: Portable OpenSSH
           Version: 3.5p1
          Platform: All
               URL: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ssh/auth.c#rev1.18
        OS/Version: NetBSD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: lukem at netbsd.org


There's a bug in the parser code for the "host.allow" element of login.conf(5).
If you have more than one hostname in a comma-separated argument to
"host.allow=", and there's not a positive or negative match on the first
element, sshd will infinitely loop because there's a missing strtok() to advance
to the next field.
The URL quoted above contains the cvs commit message I made to NetBSD-current to
fix the problem there.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
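
The looping pattern the report describes, as an added example that is not OpenSSH or NetBSD code: a simplified comma-list walker in which `advance=0` omits the `strtok(NULL, ",")` call and `advance=1` includes it. The function names, the exact-compare matcher, the deny-on-no-match default, the loop guard and the sample hostnames are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define LOOP_GUARD 10000  /* demo only: lets the buggy variant return */
#define HUNG (-2)         /* guard tripped: the real loop would never exit */

/* Hypothetical matcher: 1 = positive match, -1 = negated ("!host") match,
 * 0 = no match. Exact compare only; no wildcard handling. */
static int match_entry(const char *host, const char *pat)
{
    int negated = (*pat == '!');
    if (negated)
        pat++;
    if (strcasecmp(host, pat) != 0)
        return 0;
    return negated ? -1 : 1;
}

/* Walk a comma-separated allow list. advance=0 reproduces the reported
 * defect (token never moved on); advance=1 is the corrected loop.
 * Returns 1 = allowed, 0 = denied (assumed default when nothing matches). */
static int host_allow(const char *host, const char *list, int advance)
{
    char buf[256], *tok;
    long spins = 0;

    snprintf(buf, sizeof(buf), "%s", list);  /* strtok() modifies its input */
    tok = strtok(buf, ",");
    while (tok != NULL) {
        int r = match_entry(host, tok);
        if (r != 0)
            return r > 0;
        if (!advance && ++spins > LOOP_GUARD)
            return HUNG;
        if (advance)
            tok = strtok(NULL, ",");  /* the call the report says was missing */
    }
    return 0;
}

int main(void)
{
    const char *list = "alpha.example,beta.example";  /* constructed sample */
    printf("buggy: %d\n", host_allow("beta.example", list, 0));
    printf("fixed: %d\n", host_allow("beta.example", list, 1));
    return 0;
}
```

Without the guard, the `advance=0` call never returns once the first entry fails to match, which is the condition the report describes.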