openssh bugs - Mar 2010 - [Bug 1739] New: getcwd does not support size zero argument on Solaris

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

           Summary: getcwd does not support size zero argument on Solaris
           Product: Portable OpenSSH
           Version: 5.4p1
          Platform: Sparc
        OS/Version: Solaris
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: rich at mirch.com


Overview: 

   The function derelativise_path() in servconf.c calls getcwd(NULL,0) 
and using zero for the size argument is unsupported on Solaris.


Steps to Reproduce: 

    1) uncomment #AuthorizedKeysFile     %h/.ssh/authorized_keys
       from /etc/ssh/sshd_config

    2) restart sshd


Actual Results: 

   sshd failed to start with the following message
   derelativise_path: getcwd: Invalid argument


Expected Results: 

   sshd starts with no error messages


Build Date & Platform:

   Build 2010-03-23 on Solaris 9 sun4u
   OpenSSH_5.4p1, OpenSSL 0.9.8m

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

--- Comment #1 from Yann Rouillard <yann at pleiades.fr.eu.org> 2010-03-26
04:54:57 EST ---
Created an attachment (id=1821)
 --> (https://bugzilla.mindrot.org/attachment.cgi?id=1821)
A little patch to fix the getcwd function usage

Here is a little patch to solve this bug.

It just passes PATH_MAX as the size argument instead of 0.

The allocated space will be often a lot bigger than needed but:

  - the cwd string variable is very short-lived so that is not so
important,

  - when passed a 0 size argument, getcwd under linux seems to allocate
PATH_MAX bytes and realloc to exact string size once it has retrieved
the current directory. So it seems we just avoid a realloc call by
using PATH_MAX instead of 0.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

Yann Rouillard <yann at pleiades.fr.eu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |yann at pleiades.fr.eu.org

--- Comment #2 from Yann Rouillard <yann at pleiades.fr.eu.org> 2010-03-26
05:03:14 EST ---
I posted a patch to solve the bug reported but I uncovered another
issue while testing it.

It seems the Authorized_keys filename argument is now derelativised
when the configuration file is read. 
As a result, an argument like '.ssh/authorized_keys' is now transformed
into '/.ssh/autorized_keys' by the derelativise_path function and is
not anymore interpreted as being relative to the user home, contrary to
what the man page says:
"After expansion, AuthorizedKeysFile is taken to be an absolute path or
 one relative to the user's home directory"

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

--- Comment #3 from Yann Rouillard <yann at pleiades.fr.eu.org> 2010-03-26
08:53:29 EST ---
Created an attachment (id=1822)
 --> (https://bugzilla.mindrot.org/attachment.cgi?id=1822)
Don't try to derelativise the AuthorizedKeysFile value

A little patch to fix the second issue.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Blocks|                            |1708
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #4 from Damien Miller <djm at mindrot.org> 2010-03-26 10:40:23
EST ---
Thanks - this is fixed in openssh-5.5p1, due shortly.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|1708                        |1743

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1739

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #5 from Damien Miller <djm at mindrot.org> 2010-04-16 15:51:14
EST ---
Mass move of bugs RESOLVED->CLOSED following the release of
openssh-5.5p1

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.