[PATCH] authfile: do not check st_size if we munged it

Mike Frysinger vapier at gentoo.org
Tue Apr 4 07:43:08 AEST 2017


From: Mike Frysinger <vapier at chromium.org>

The recent change to sshkey_load_file to bump the default stat size from
0 up to 64KiB ends up breaking loading of keys in that scenario.  This is
because later in the function, we check to see if the amount of data we
read matches what we stat-ed, and since we changed it to 64KiB, we never
actually match (unless the key data happens to be 64KiB exactly).

Change the code to skip the sanity check in case we bumped it.

This shows up in the PNaCl version of ssh used by the SecureShell Chrome
extension: https://crbug.com/707941
---
 authfile.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/authfile.c b/authfile.c
index 7411b68f6e42..557e0205ab97 100644
--- a/authfile.c
+++ b/authfile.c
@@ -133,7 +133,8 @@ sshkey_load_file(int fd, struct sshbuf *blob)
 			goto out;
 		}
 	}
-	if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
+	if (dontmax == 0 &&
+	    (st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
 	    st.st_size != (off_t)sshbuf_len(blob)) {
 		r = SSH_ERR_FILE_CHANGED;
 		goto out;
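
Review bot: The added `dontmax == 0 &&` term at the top of this condition carries no comment, and the flag's name does not say that it marks the case where st.st_size was replaced by the 64KiB default rather than reported by stat, which is the only reason the SSH_ERR_FILE_CHANGED comparison has to be skipped. A one-line comment above the `if` stating that would keep the next reader from treating the term as unrelated to the size check. It is also worth confirming that the flag is set on every path that overwrites st.st_size, since that assignment is outside the lines shown here. An alternative is to keep the substituted size in a separate local and leave st.st_size untouched, so the comparison against `(off_t)sshbuf_len(blob)` would need a guard on the stat result itself rather than on a side flag.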
-- 
2.12.0


