http://bugzilla.mindrot.org/show_bug.cgi?id=1046 Summary: AIX 5.3 Garbage on Login Product: Portable OpenSSH Version: 4.0p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: rajsingh at hotmail.com Compiled 4.0p1 on AIX 5.3 with OpenSSL 0.9.7g. When I login, I get garbage before "Last unsuccessful login" and the terminal type displayed before and after the shell prompt (see output below). I've tried with a different client, but get the same results. /?&HF($$?< Last unsuccessful login: Wed May 25 11:27:14 EDT 2005 on ssh from hos t.company.net Last login: Thu May 26 13:29:44 EDT 2005 on /dev/pts/3 from 127.0.0.1 ******************************************************************************* * * * * * Welcome to AIX Version 5.3! * * * * * * Please see the README file in /usr/lpp/bos for information pertinent to * * this release of the AIX Operating System. * * * * * ******************************************************************************* PuTTY/home/town: PuTTY ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From dtucker at zip.com.au 2005-05-27 08:05 ------- I believe this is bug #1006, which has been fixed in the just-released openssh-4.1p1. Could you please try that version and see if the problem persists? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-27 21:05 ------- (In reply to comment #1)> I believe this is bug #1006, which has been fixed in the just-released > openssh-4.1p1. Could you please try that version and see if the problempersists? I compiled 4.1p1 and the problem is the same. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bitbucket at mindrot.org |openssh-bugs at mindrot.org Component|ssh |sshd ------- Additional Comments From dtucker at zip.com.au 2005-05-27 21:19 ------- OK, could you please run the server in debug mode and attach to the bug? (note: use "create attachment" rather than pasting into the comment field.) An easy way to do this is to run something like this on your server: /path/to/sshd -ddd -p 2022 then connect with "ssh -p 2022 yourserver". ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Version|4.0p1 |4.1p1 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-28 00:02 ------- Created an attachment (id=923) --> (http://bugzilla.mindrot.org/attachment.cgi?id=923&action=view) Debug output from sshd ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-28 00:03 ------- Created an attachment (id=924) --> (http://bugzilla.mindrot.org/attachment.cgi?id=924&action=view) Output from PuTTY when I logged in while attachement #923 was being generated ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-28 01:42 ------- Installed the latest maintenance level (AIX ML2), but that didn't help. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From tim at multitalents.net 2005-05-28 04:12 ------- Do you see the same problem if you use the openssh client? Have you tried a current version of Putty? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-28 04:52 ------- (In reply to comment #7)> Do you see the same problem if you use the openssh client? > Have you tried a current version of Putty?Yes, same problem. It doesn't matter that client I try, I get the same behaviour. I don't think it's a client issue. If you look at the debug output from sshd that I've attached, you will see the following line -- the garbage after "msg" is almost identical to what I'm seeing on the first line whenever I login: debug3: AIX/passwdexpired returned 0 msg /?%XJ($$\020\005?\\ ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From rajsingh at hotmail.com 2005-05-28 05:17 ------- I believe I've found the problem. It's a coding issue. In the file "port-aix.c", line number 156, "msg" is declared, but doesn't point to anything. As a test, I changed *msg to *msg = malloc(1024), rebuilt, and it solved the issues I was having. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From tim at multitalents.net 2005-05-28 08:11 ------- Try changing the *msg in line 156 of port-aix.c to *msg = NULL ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From dtucker at zip.com.au 2005-05-28 11:24 ------- (In reply to comment #9)> It's a coding issue. In the file "port-aix.c", line number 156, "msg" is > declared, but doesn't point to anything. As a test, I changed *msg to *msg = > malloc(1024), rebuilt, and it solved the issues I was having.msg is not initialized, but a pointer to msg is passed to passwdexpired(). On AIX 5.2 and below, passwdexpired allocates memory itself. From the passwdexpired man page: "Message Points to a pointer that the passwdexpired subroutine allocates memory for and fills in. This string is suitable for printing and issues messages, such as in how many days the password will expire." What does the man page say on 5.3? mallocing msg unconditionally will result in a memory leak on AIXes <= 5.2. Tim's suggestion on initializing to NULL will be OK, provided it resolves the problem. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 rajsingh at hotmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From rajsingh at hotmail.com 2005-05-29 01:49 ------- (In reply to comment #11) You are correct. passwdexpired() does it's own malloc(). I tried Tim's suggestion and it worked, so I guess we've put this bug to rest. :) ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
http://bugzilla.mindrot.org/show_bug.cgi?id=1046 ------- Additional Comments From dtucker at zip.com.au 2005-05-29 10:41 ------- I have changed the code so msg is initialized to NULL, in both the 4.1 branch and -HEAD, so it will be in the next release. Thanks for the report. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- Security - ssh allows unintended access on AIX
- Setauthdb defined twice in openssh-4.0p1 on AIX 5.3
- [PATCH] AIX password expiration
- [Bug 869] Password expiration does not work for LDAP users
- [Bug 2006] New: AIX 5.2 /32 bit - a windows Putty session will not connect to AIX box