Problem/bug report for "bad decrypted len" error in OpenSSH

Stefan Hadjistoytchev sth at hq.bsbg.net
Wed Jun 18 16:16:55 EST 2003


Where should I check for these bytes ?


----- Original Message ----- 
From: "Markus Friedl" <markus at openbsd.org>
To: "Stefan Hadjistoytchev" <sth at hq.bsbg.net>
Cc: "Damien Miller" <djm at mindrot.org>; <openssh-unix-dev at mindrot.org>
Sent: Tuesday, June 17, 2003 12:00 PM
Subject: Re: Problem/bug report for "bad decrypted len" error in OpenSSH


> I'm not sure whether this fix is correct.
>
> could you print out the 'extra bytes' ?
>
> e.g. add
>
> if (len > hlen + oidlen) {
> Buffer b;
> buffer_init(&b);
> buffer_append(&b, decrypted + hlen + oidlen,
> len - hlen - oidlen);
> buffer_dump(&b);
> buffer_clear(&b);
> }
>
> and start sshd with
> sshd -dddp1234
>
> and connect to port 1234 with your client?
>
> On Tue, Jun 17, 2003 at 11:24:12AM +0300, Stefan Hadjistoytchev wrote:
> > 10x for the fix !!!
> > ----- Original Message ----- 
> > From: "Markus Friedl" <markus at openbsd.org>
> > To: "Stefan Hadjistoytchev" <sth at hq.bsbg.net>
> > Cc: "Damien Miller" <djm at mindrot.org>; <openssh-unix-dev at mindrot.org>
> > Sent: Monday, June 16, 2003 11:28 AM
> > Subject: Re: Problem/bug report for "bad decrypted len" error in OpenSSH
> >
> >
> > > replace
> > >
> > >         if (len != hlen + oidlen) {
> > > with
> > >         if (len < hlen + oidlen) {
> > >
> > > instead of deleting lines.
> > >
> > >
> > > On Mon, Jun 16, 2003 at 09:36:16AM +0300, Stefan Hadjistoytchev wrote:
> > > > I've posted the bug in BugZilla (bug 592). What should I do next ?
> > > >
> > > > Stefan
> > > > ----- Original Message ----- 
> > > > From: "Markus Friedl" <markus at openbsd.org>
> > > > To: "Stefan Hadjistoytchev" <sth at hq.bsbg.net>; "Damien Miller"
> > > > <djm at mindrot.org>
> > > > Cc: <openssh-unix-dev at mindrot.org>
> > > > Sent: Friday, June 13, 2003 5:39 PM
> > > > Subject: Re: Problem/bug report for "bad decrypted len" error in
OpenSSH
> > > >
> > > >
> > > > > On Sat, Jun 14, 2003 at 12:17:56AM +1000, Damien Miller wrote:
> > > > > > Stefan Hadjistoytchev wrote:
> > > > > > > Should I report it to BugZilla ?
> > > > > >
> > > > > > Only if you can justify _why_ the length check is not correct.
> > > > >
> > > > > make sure to include:
> > > > >
> > > > >         This is a redundant length check that is not technically
> > > > >         correct.  The OpenSSH team is aware of the problem but
don't
> > > > >         care since they have no idea how to use certificates.
> > > > >
> > > > > The length check is not redundant since the result might be
> > > > > too small for example.
> > > > >
> > > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > openssh-unix-dev mailing list
> > > > openssh-unix-dev at mindrot.org
> > > > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> > >
> > >
> >
> >
>
>





More information about the openssh-unix-dev mailing list