openssh bugs - Mar 2009 - [Bug 1565] New: ssh-keyscan doesn't like comment-lines

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

           Summary: ssh-keyscan doesn't like comment-lines
           Product: Portable OpenSSH
           Version: 5.1p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Keywords: low-hanging-fruit
          Severity: minor
          Priority: P2
         Component: Miscellaneous
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: schuster at isja.org


ssh-keyscan can take an existing known_hosts file as input, but only if
it contains no comment-lines.

To reproduce:
echo '#' > khtest
ssh-keyscan -f khtest

Result:
getaddrinfo #: Name or service not known

Expected:
Nothing happens

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

--- Comment #1 from Joachim Schipper <joachim at joachimschipper.nl>
2010-03-07 08:56:52 EST ---
Created an attachment (id=1806)
 --> (https://bugzilla.mindrot.org/attachment.cgi?id=1806)
Patch to fix integer overflow in fgets() wrapper

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Joachim Schipper <joachim at joachimschipper.nl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |joachim at joachimschipper.nl

--- Comment #2 from Joachim Schipper <joachim at joachimschipper.nl>
2010-03-07 08:58:07 EST ---
As described in
http://mid.gmane.org/20100306210548.GA32662 at polymnia.sshunet.nl,
ssh-keyscan may suffer an integer overflow when run on a file with
ridiculously (> 2GB) long lines. The attached patch fixes this and also
allows comments.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

--- Comment #3 from Damien Miller <djm at mindrot.org>  ---
Created attachment 1868
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1868
/home/djm/keyscan-uncrazy.diff

use read_keyfile_line()\n\nWe already have a fgets() wrapper, let's use
it.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

--- Comment #4 from Damien Miller <djm at mindrot.org>  ---
Created attachment 1869
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1869
/home/djm/keyscan-uncrazy.diff

revised diff

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1868|0                           |1
        is obsolete|                            |

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1869|0                           |1
        is obsolete|                            |

--- Comment #5 from Damien Miller <djm at mindrot.org>  ---
Comment on attachment 1869
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1869
/home/djm/keyscan-uncrazy.diff

ugh, attached the wrong diff twice :(

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

--- Comment #6 from Damien Miller <djm at mindrot.org>  ---
Created attachment 1870
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1870
/home/djm/keyscan-uncrazy.diff

The original diff didn't correctly handle the case of "ssh-keyscan -f
-" (it would SEGV or EINVAL on fopen). This one uses our existing
wrapper for fgets().

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1870|                            |ok?(dtucker at zip.com.au)
              Flags|                            |

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Blocks|                            |1708

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Joachim Schipper <joachim at joachimschipper.nl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1806|0                           |1
        is obsolete|                            |

--- Comment #7 from Joachim Schipper <joachim at joachimschipper.nl>  ---
Created attachment 1875
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1875
Patch to fix ssh-keyscan

The attached patch is a slight alteration of your (Damien's) patch.

- these lines are not related to SSH_MAX_PUBKEY_BYTES, so just hardcode
some reasonable value;
- linenum should be per-file, not over all files;
- fatal() on long lines instead of silently ignoring them.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au

--- Comment #8 from Darren Tucker <dtucker at zip.com.au>  ---
(In reply to comment #7)
> Created attachment 1875 [details]
> Patch to fix ssh-keyscan
> 
> The attached patch is a slight alteration of your (Damien's) patch.
> 
> - these lines are not related to SSH_MAX_PUBKEY_BYTES, so just hardcode
> some reasonable value;
> - linenum should be per-file, not over all files;
These are both valid points.
> - fatal() on long lines instead of silently ignoring them.
This one I don't care so much about.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1870|ok?(dtucker at zip.com.au)     |ok+
              Flags|                            |

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #9 from Damien Miller <djm at mindrot.org>  ---
I agree with Darren. The corresponding patch has been committed and
will be in OpenSSH-5.6. Thanks!

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1565

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #10 from Damien Miller <djm at mindrot.org> 2011-01-24
12:33:55 EST ---
Move resolved bugs to CLOSED after 5.7 release

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.