Using realloc to remove MAX_LISTEN_SOCKS limit on sshd.c

Peter Teoh tteikhua at dso.org.sg
Mon Dec 22 04:34:25 EST 2008


Dan Armstrong wrote:
> OpenSSH developers,
>
> I have removed the fixed, arbitrary limit on the number of 
> ListenAddress allowed by using realloc to dynamically expand 
> listen_socks as needed.  This completely removes MAX_LISTEN_SOCKS from 
> the source.  I made this change on the version of OpenSSH shipped with 
> CentOS 5.2, version 4.3p2.  Please see the attached .c file and .diff 
> file.  Please add these changes to OpenSSH to save people from having 
> to predetermine their workload before compilation.  It can also save 
> some people some grief - I've been unable to login to a server because 
> of this one.

Sorry if I may ask the risks of this option - will it not lead to any 
potential scenario of Denial of Service, if some how the number of 
ListenAddress can be arbitrarily increase without limit, and thus 
leading to realloc() allocating large amount of memory?

Thanks.


More information about the openssh-unix-dev mailing list