Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward()
bugzilla-daemon at bugzilla
Jan 12, 2009, 10:28 PM
Post #1 of 5 (912 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380





--- Comment #9 from Damien Miller <djm@mindrot.org> 2009-01-13 17:28:14 ---
Could you refresh my memory as to why NI_MAXHOST is inappropriate?

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jan 13, 2009, 9:26 AM
Post #2 of 5 (862 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380





--- Comment #10 from Jan Pechanec <Jan.Pechanec@Sun.COM> 2009-01-14 04:26:34 ---
(In reply to comment #9)
> Could you refresh my memory as to why NI_MAXHOST is inappropriate?

trying to remember... I'd say it may be the other way around. The point
which I hasn't explained was that on one side the hostname length is
checked against NI_MAXHOST in parse_forward() while on the other side
it's checked against SSH_CHANNEL_PATH_LEN in channel.c's function
channel_setup_fwd_listener().

NI_MAXHOST is usually defined as 1025 (RFC 2553, but obsoleted by 3493
that doesn't even define it). SSH_CHANNEL_PATH_LEN is defined as 255
and used just once.

So, I suggest the same value should be used on both sides.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jan 13, 2009, 5:58 PM
Post #3 of 5 (860 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1540|0 |1
is obsolete| |
Attachment #1540|ok? |
Flag| |




--- Comment #11 from Damien Miller <djm@mindrot.org> 2009-01-14 12:58:18 ---
Created an attachment (id=1591)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1591)
make c->path dynamic and nuke SSH_CHANNEL_PATH_LEN

Thanks - that refreshed my memory. This is what I had planned on doing:
get rid of SSH_CHANNEL_PATH_LEN entirely by making c->path a dynamic
string.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jan 13, 2009, 9:52 PM
Post #4 of 5 (852 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Tim Rice <tim@multitalents.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |tim@multitalents.net




--- Comment #12 from Tim Rice <tim@multitalents.net> 2009-01-14 16:52:43 ---
(In reply to comment #11)
> Created an attachment (id=1591)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1591) [details]
> make c->path dynamic and nuke SSH_CHANNEL_PATH_LEN
>
> Thanks - that refreshed my memory. This is what I had planned on doing:
> get rid of SSH_CHANNEL_PATH_LEN entirely by making c->path a dynamic
> string.

A quick look at the code turned up
+ u_char *p, dest_addr[255+1], ntop[INET6_ADDRSTRLEN];
We'll need to account for machines that don't have INET6_ADDRSTRLEN

Maybe just adding
#ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */
#define INET6_ADDRSTRLEN 46
#endif
like we do in sshconnect.c

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1380] incorrect check for strlen(fwd->connect_host) in parse_forward() [ In reply to ]
bugzilla-daemon at bugzilla
Jan 22, 2009, 1:50 AM
Post #5 of 5 (793 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=1380


Damien Miller <djm@mindrot.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED




--- Comment #13 from Damien Miller <djm@mindrot.org> 2009-01-22 20:50:55 ---
patch applied - this will be in openssh-5.2

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal