Segfault on invalid SSH keys.
djm at mindrot.org
Fri Oct 16 01:39:53 AEDT 2015
On Thu, 15 Oct 2015, Steve Kemp wrote:
> > > Via fuzzing I discovered a key which will cause
> > > the ssh-keygen process to segfault when fingerprinting
> > > via:
> > >
> > > ssh-keygen -l -f bogus.key
> > Could you please share the key that causes this problem?
> The key was attached to the referenced bug report, but
> please find attached a copy to this mail.
> Usage is:
> $ gunzip crash.min.pub.gz
> $ ssh-keygen -l -f ./crash.min.pub
> Segmentation fault
What version of OpenSSH are you using? I don't see a crash with 7.1 or
[djm at laptop openssh]$ ssh-keygen -lf /tmp/crash.min.pub
line 2 too long: 4...
/tmp/crash.min.pub is not a public key file.
More information about the openssh-unix-dev