bugzilla-daemon at mindrot.org
2023-Apr-20 12:06 UTC
[Bug 3565] New: keygen do_download_sk() incorrect return value
https://bugzilla.mindrot.org/show_bug.cgi?id=3565
Bug ID: 3565
Summary: keygen do_download_sk() incorrect return value
Product: Portable OpenSSH
Version: 8.5p1
Hardware: Other
OS: Windows 10
Status: NEW
Severity: minor
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: m.schmidt at emtec.com
do_download_sk(const char *skprovider, const char *device) in
ssh-keygen.c returns an incorrect value, causing the ssh-keygen -K to
exit with error when all is ok and vice versa.
The end of function looks like this:
if (i >= nkeys)
ret = 0; /* success */
if (pass != NULL)
freezero(pass, strlen(pass));
for (i = 0; i < nkeys; i++)
sshkey_free(keys[i]);
free(keys);
return ret ? 0 : -1;
Since ret = 0 is marked as success (see comment above and usual
convention in openssh), just ret should be returned (the return value
makes its way to the program as the exit code).
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Apr-21 02:51 UTC
[Bug 3565] keygen do_download_sk() incorrect return value
https://bugzilla.mindrot.org/show_bug.cgi?id=3565
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |djm at mindrot.org
Resolution|--- |INVALID
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
This was fixed before openssh-8.5 and the code has looked like this for
the almost the last three years:
3034 if (i >= nkeys)
3035 ret = 0; /* success */
3036 if (pass != NULL)
3037 freezero(pass, strlen(pass));
3038 for (i = 0; i < nkeys; i++)
3039 sshkey_free(keys[i]);
3040 free(keys);
3041 return ret;
3042 }
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Apr-21 13:20 UTC
[Bug 3565] keygen do_download_sk() incorrect return value
https://bugzilla.mindrot.org/show_bug.cgi?id=3565 --- Comment #2 from Markus Schmidt <m.schmidt at emtec.com> --- I'm embarrased and sorry that this happened (this was a major SNAFU on my side that led to seeing this in old code). Sorry for the time wasted on your side, I'll be more careful next time. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.