Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward()
bugzilla-daemon at bugzilla
Jul 3, 2008, 9:14 PM
Post #1 of 5 (421 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1367|0 |1
is obsolete| |
Attachment #1539| |ok?
Flag| |




--- Comment #5 from Damien Miller <djm@mindrot.org> 2008-07-04 14:14:06 ---
Created an attachment (id=1539)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1539)
revised patch

I think this would be better. btw, there was a bug in your change to
channels.c:channel_request_remote_forwarding() - it returned 0
(success) instead of -1 (failure) when a too-long listen_host was
supplied.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jul 3, 2008, 11:48 PM
Post #2 of 5 (411 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1539|0 |1
is obsolete| |
Attachment #1539|ok? |
Flag| |




--- Comment #6 from Damien Miller <djm@mindrot.org> 2008-07-04 16:48:52 ---
Created an attachment (id=1540)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1540)
revised revised patch

my last patch has a bug: listen_host may be NULL in
channel_request_remote_forwarding()

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jul 3, 2008, 11:50 PM
Post #3 of 5 (409 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1540| |ok?
Flag| |




--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jul 4, 2008, 3:19 AM
Post #4 of 5 (414 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380





--- Comment #7 from Jan Pechanec <Jan.Pechanec@Sun.COM> 2008-07-04 20:19:10 ---
I'm wondering, after reading the forwarding section of 4254 again, is
it worth to have SSH_CHANNEL_PATH_LEN at all? 4254 talks about domain
name only, not mentioning any limitation, which implies that one should
rely on the existing spec, RFC 2181. Unless there is any need to limit
the domain name length further, which I doubt, there is no need for 2
macros.

that way, SSH_MAX_DOMAIN_LEN may be the only macro defined and used (in
the last revision of the patch, both macros are used which might be
confusing for the reader of the code).

I would also vote for defining it to 255, use str[SSH_MAX_DOMAIN_LEN +
1] for definition, and "strlen(xxx) > SSH_MAX_DOMAIN_LEN)" in
comparisons. It seems more logical and mainly, more readable. However,
that's already nit picking.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jul 4, 2008, 5:06 AM
Post #5 of 5 (398 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Blocks|1452 |1481




--- Comment #8 from Damien Miller <djm@mindrot.org> 2008-07-04 22:06:54 ---
actually, c->path can be used for real pathnames too (e.g. auth
sockets) the constant name is wrong too. I think I'll bump this to
openssh-5.2, so we can just make it properly dynamic.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal