bugzilla-daemon at mindrot.org
2013-May-09 08:45 UTC
[Bug 2100] New: Missing dereference when bzeroing unused identities
https://bugzilla.mindrot.org/show_bug.cgi?id=2100
Bug ID: 2100
Summary: Missing dereference when bzeroing unused identities
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.2p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: cjwatson at debian.org
Created attachment 2256
--> https://bugzilla.mindrot.org/attachment.cgi?id=2256&action=edit
Fix size passed to bzero
GCC 4.8 warns (for Debian package, so line numbers may be off from
mainline, sorry):
../sshconnect2.c: In function 'pubkey_prepare':
../sshconnect2.c:1527:20: warning: argument to 'sizeof' in
'bzero' call
is the same expression as the destination; did you mean to dereference
it? [-Wsizeof-pointer-memaccess]
bzero(id, sizeof(id));
It's correct; this code only zeroes the first sizeof(pointer) bytes of
the Identity structure, rather than the whole thing. Patch attached.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2013-May-10 03:40 UTC
[Bug 2100] Missing dereference when bzeroing unused identities
https://bugzilla.mindrot.org/show_bug.cgi?id=2100
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
applied - will be in 6.3. Thanks
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2013-May-10 04:08 UTC
[Bug 2100] Missing dereference when bzeroing unused identities
https://bugzilla.mindrot.org/show_bug.cgi?id=2100
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2076
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2100] Missing dereference when bzeroing unused identities
https://bugzilla.mindrot.org/show_bug.cgi?id=2100
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Seemingly Similar Threads
- vanilla build of 7.7p1 release on linux/4.17 fails with gcc8 @ "/usr/bin/ld: unrecognized option '-Wl,-z,retpolineplt'"
- Deprecated calls to bzero() and index() found in OpenSSH 6.1p1
- [Bug 2095] New: ssh client not respecting IdentitiesOnly=yes option
- "no such identity"
- [Bug 2642] New: [sshconnect2] publickey authentication only properly works if used first: pubkey_prepare doesn't work after pubkey_cleanup