Call for testing: OpenSSH-5.7

Damien Miller djm at mindrot.org
Sun Jan 16 20:01:58 EST 2011


On Sun, 16 Jan 2011, Damien Miller wrote:

> I have replicated the problem on CentOS 3.9 and found the commit that
> triggers it (http://hg.mindrot.org/openssh/rev/10166). It only seems to
> affect SSH1, but I still don't understand why it fails though. 

Here's a fix. The SIGCHLD handler just exposed a latent bug.

Index: clientloop.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v
retrieving revision 1.229
diff -u -p -r1.229 clientloop.c
--- clientloop.c	11 Jan 2011 06:13:10 -0000	1.229
+++ clientloop.c	16 Jan 2011 09:00:02 -0000
@@ -1579,9 +1579,9 @@ client_loop(int have_pty, int escape_cha
 
 	/* Output any buffered data for stdout. */
 	while (buffer_len(&stdout_buffer) > 0) {
-		len = write(fileno(stdout), buffer_ptr(&stdout_buffer),
-		    buffer_len(&stdout_buffer));
-		if (len <= 0) {
+		len = atomicio(vwrite, fileno(stdout),
+		    buffer_ptr(&stdout_buffer), buffer_len(&stdout_buffer));
+		if (len != buffer_len(&stdout_buffer)) {
 			error("Write failed flushing stdout buffer.");
 			break;
 		}
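Review bot: the failure branch at `error("Write failed flushing stdout buffer.")` still drops errno, so an interrupted write and a genuinely closed descriptor produce the same log line. The old `len <= 0` test treated a write() that returned -1 with EINTR as fatal, which is the kind of failure that is hard to diagnose from this message alone. Suggest reporting the cause, e.g. `error("Write failed flushing stdout buffer: %s", strerror(errno));`, relying on atomicio leaving errno set when it returns short.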
@@ -1590,9 +1590,9 @@ client_loop(int have_pty, int escape_cha
 
 	/* Output any buffered data for stderr. */
 	while (buffer_len(&stderr_buffer) > 0) {
-		len = write(fileno(stderr), buffer_ptr(&stderr_buffer),
-		    buffer_len(&stderr_buffer));
-		if (len <= 0) {
+		len = atomicio(vwrite, fileno(stderr),
+		    buffer_ptr(&stderr_buffer), buffer_len(&stderr_buffer));
+		if (len != buffer_len(&stderr_buffer)) {
 			error("Write failed flushing stderr buffer.");
 			break;
 		}
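Review bot: the new test `len != buffer_len(&stderr_buffer)` reuses the variable that previously held write()'s signed return value. atomicio returns size_t, so if `len` is still declared as a signed int (its declaration is outside this hunk) the assignment narrows the result and the comparison mixes signed and unsigned operands. Suggest a size_t local for the atomicio result, or comparing the call's return value directly against the buffer length; the same applies to the stdout block above.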

