Calysto v1.5 reports on ssh v4.6p1

Domagoj Babic babic.domagoj at
Sun Aug 12 10:13:54 EST 2007

New version of Calysto reports a warning that looks like a bug to me:

Possible NULL-ptr deref (vc27053):
Bug: ??

choose_dh (dh.c:111) calls fopen twice (@120). If the first call to
fopen fails (returns NULL), but the second one succeeds, fgets (@129) is
called with f==NULL.

Can anyone confirm that this is a potential issue?


        Domagoj Babic

More information about the openssh-unix-dev mailing list