Segfault on invalid SSH keys.

Steve Kemp steve at steve.org.uk
Thu Oct 15 16:32:56 AEDT 2015


Hi,

  I reported a bug against the Debian distribution,
 but it might be more useful to report it here.

  Via fuzzing I discovered a key which will cause 
 the ssh-keygen process to segfault when fingerprinting
 via:

        ssh-keygen -l -f bogus.key

  This segfault is a NULL pointer dereference, and is
 a denial of service attack if you run a service which
 allows SSH keys to be uploaded and display their fingerprints.
 (I run such a service.  Oops.)

  There is a simple patch which I've posted in the bug
 report which fixes the problem for me, but probably needs
 more eyes.  This is the patch:


--- sshkey.c.orig   2015-10-13 22:42:26.178252307 +0300
+++ sshkey.c    2015-10-13 22:42:58.781080815 +0300
@@ -1198,6 +1198,9 @@
            bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8)
            return SSH_ERR_INVALID_FORMAT;  /* Bad bit count... */
 
+                if ( ret->rsa == NULL )
+                    return SSH_ERR_INVALID_FORMAT;
+
        /* Get public exponent, public modulus. */
        if ((r = read_decimal_bignum(&ep, ret->rsa->e)) < 0)
            return r;
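Review bot: the added check guards the `ret->rsa->e` dereference on the following lines, but a NULL `ret->rsa` here means the key object handed to this RSA read path was never set up as an RSA key, so SSH_ERR_INVALID_FORMAT blames the input file for what is really a type mismatch between the parsed key and `ret`; consider testing the key type instead (or alongside) so the error points at the actual cause, and confirm the patched build is also exercised against the second crasher mentioned in the bug report, since only one dereference is covered here. Minor: the new lines are indented deeper than the surrounding block and use `if ( ret->rsa == NULL )`, whereas the neighbouring code is written `if ((r = read_decimal_bignum(...)) < 0)` at one tab level, so `if (ret->rsa == NULL)` at that indentation would match OpenSSH style.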


  The crasher can be found in the bug-report (note there are
 two, the second is easier to deal with):

    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801530

  I'm not a member of the list, but I'll keep an eye out for
 updates, via the archives, for the next few days in case
 there are questions.

Steve
-- 
http://www.steve.org.uk/


More information about the openssh-unix-dev mailing list