bugzilla-daemon at bugzilla.mindrot.org
2009-Mar-04 09:00 UTC
[Bug 1565] New: ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Summary: ssh-keyscan doesn't like comment-lines Product: Portable OpenSSH Version: 5.1p1 Platform: All OS/Version: Linux Status: NEW Keywords: low-hanging-fruit Severity: minor Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org ReportedBy: schuster at isja.org ssh-keyscan can take an existing known_hosts file as input, but only if it contains no comment-lines. To reproduce: echo '#' > khtest ssh-keyscan -f khtest Result: getaddrinfo #: Name or service not known Expected: Nothing happens -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Mar-06 21:56 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 --- Comment #1 from Joachim Schipper <joachim at joachimschipper.nl> 2010-03-07 08:56:52 EST --- Created an attachment (id=1806) --> (https://bugzilla.mindrot.org/attachment.cgi?id=1806) Patch to fix integer overflow in fgets() wrapper -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Mar-06 21:58 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Joachim Schipper <joachim at joachimschipper.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |joachim at joachimschipper.nl --- Comment #2 from Joachim Schipper <joachim at joachimschipper.nl> 2010-03-07 08:58:07 EST --- As described in http://mid.gmane.org/20100306210548.GA32662 at polymnia.sshunet.nl, ssh-keyscan may suffer an integer overflow when run on a file with ridiculously (> 2GB) long lines. The attached patch fixes this and also allows comments. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:40 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 --- Comment #3 from Damien Miller <djm at mindrot.org> --- Created attachment 1868 --> https://bugzilla.mindrot.org/attachment.cgi?id=1868 /home/djm/keyscan-uncrazy.diff use read_keyfile_line()\n\nWe already have a fgets() wrapper, let's use it. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:41 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 --- Comment #4 from Damien Miller <djm at mindrot.org> --- Created attachment 1869 --> https://bugzilla.mindrot.org/attachment.cgi?id=1869 /home/djm/keyscan-uncrazy.diff revised diff -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:42 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1868|0 |1 is obsolete| | -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:42 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1869|0 |1 is obsolete| | --- Comment #5 from Damien Miller <djm at mindrot.org> --- Comment on attachment 1869 --> https://bugzilla.mindrot.org/attachment.cgi?id=1869 /home/djm/keyscan-uncrazy.diff ugh, attached the wrong diff twice :( -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:44 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 --- Comment #6 from Damien Miller <djm at mindrot.org> --- Created attachment 1870 --> https://bugzilla.mindrot.org/attachment.cgi?id=1870 /home/djm/keyscan-uncrazy.diff The original diff didn't correctly handle the case of "ssh-keyscan -f -" (it would SEGV or EINVAL on fopen). This one uses our existing wrapper for fgets(). -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:44 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1870| |ok?(dtucker at zip.com.au) Flags| | -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 03:45 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |1708 -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-18 09:56 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Joachim Schipper <joachim at joachimschipper.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1806|0 |1 is obsolete| | --- Comment #7 from Joachim Schipper <joachim at joachimschipper.nl> --- Created attachment 1875 --> https://bugzilla.mindrot.org/attachment.cgi?id=1875 Patch to fix ssh-keyscan The attached patch is a slight alteration of your (Damien's) patch. - these lines are not related to SSH_MAX_PUBKEY_BYTES, so just hardcode some reasonable value; - linenum should be per-file, not over all files; - fatal() on long lines instead of silently ignoring them. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-22 04:54 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #8 from Darren Tucker <dtucker at zip.com.au> --- (In reply to comment #7)> Created attachment 1875 [details] > Patch to fix ssh-keyscan > > The attached patch is a slight alteration of your (Damien's) patch. > > - these lines are not related to SSH_MAX_PUBKEY_BYTES, so just hardcode > some reasonable value; > - linenum should be per-file, not over all files;These are both valid points.> - fatal() on long lines instead of silently ignoring them.This one I don't care so much about. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-22 04:54 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1870|ok?(dtucker at zip.com.au) |ok+ Flags| | -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2010-Jun-22 04:55 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #9 from Damien Miller <djm at mindrot.org> --- I agree with Darren. The corresponding patch has been committed and will be in OpenSSH-5.6. Thanks! -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Jan-24 01:33 UTC
[Bug 1565] ssh-keyscan doesn't like comment-lines
https://bugzilla.mindrot.org/show_bug.cgi?id=1565 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #10 from Damien Miller <djm at mindrot.org> 2011-01-24 12:33:55 EST --- Move resolved bugs to CLOSED after 5.7 release -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.