OpenSSH 7.6p1 ssh-agent exiting if passed an invalid key blob
Damien Miller
djm at mindrot.org
Wed Nov 15 12:43:29 AEDT 2017
On Tue, 14 Nov 2017, Ron Frederick wrote:
> Thanks Damien, but I’m not sure this is a good fix. Now both cases
> turn into an error(), but if there is a problem reading the initial
> pair of strings and u32 value, you really can’t safely keep the
> connection open to receive additional requests.
That's not the case: this function is called in the context of one
message with delimited length (see process_message()). A failure here
just disregards that message and doesn't need to kill the entire
connection.
There are some other input parsing cases that should be downgraded
from fatal() in ssh-agent.c, but I'll do those separately.
-d
More information about the openssh-unix-dev
mailing list