bugzilla-daemon at bugzilla.mindrot.org
2008-Aug-11 15:31 UTC
[Bug 1501] New: p_read, p_send not intialized
https://bugzilla.mindrot.org/show_bug.cgi?id=1501
Summary: p_read, p_send not intialized
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: Other
OS/Version: Other
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: THanson at CardinalPeak.com
Source file packet.c declares 2 structures, p_read & p_send, which are
used to manage packet traffic. These structures are not explicitly
initialized in either the declaration or in the code.
In an environment (i.e. VxWorks) where spawning a second copy (thread)
does not zero-fill memory, this causes the second (and subsequent)
copies to use the values left behind by previous copies. The result is
that the sequence number (seqnr field) is out of synch with the server
and MAC checksum verification fails.
Recommend setting seqnr, packets, and blocks fields to zero at
process/thread start. Testing with concurrent threads also
recommended.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Aug-13 03:06 UTC
[Bug 1501] p_read, p_send not intialized
https://bugzilla.mindrot.org/show_bug.cgi?id=1501
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #1 from Darren Tucker <dtucker at zip.com.au> 2008-08-13
13:06:34 ---
Uh, it's a static global. ISO C specifies that it must already be
zeroed.
eg http://www.dkuug.dk/JTC1/SC22/WG14/www/docs/n843.pdf section
6.7.8.10:
"If an object that has static storage duration is not initialized
explicitly, then:
- if it has pointer type, it is initialized to a null pointer;
- if it has arithmetic type, it is initialized to (positive or
unsigned) zero;
- if it is an aggregate, every member is initialized (recursively)
according to these rules;"
OpenSSH is not and has never claimed to be thread safe.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Nov-03 09:02 UTC
[Bug 1501] p_read, p_send not intialized
https://bugzilla.mindrot.org/show_bug.cgi?id=1501
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
CC| |djm at mindrot.org
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2009-Feb-23 02:36 UTC
[Bug 1501] p_read, p_send not intialized
https://bugzilla.mindrot.org/show_bug.cgi?id=1501
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> 2009-02-23
13:36:01 ---
Close bugs fixed/reviewed for openssh-5.2 release
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.