bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-08 21:19 UTC
[Bug 2460] New: Non-zero return values are not properly returned from openssh_RSA_verify
https://bugzilla.mindrot.org/show_bug.cgi?id=2460
Bug ID: 2460
Summary: Non-zero return values are not properly returned from
openssh_RSA_verify
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: me at basilcrow.com
openssh_RSA_verify in ssh-rsa.c defines ret to be of type size_t, which
is unsigned. It then assigns signed values such as
SSH_ERR_INTERNAL_ERROR (-1) to ret. Finally, it returns ret (a size_t),
while the method signature of openssh_RSA_verify is defined as
returning type int. The method works as intended to some degree, in
that on success it returns 0 and on failure it returns non-zero. But if
one were to try to do something with the return value on failure, one
would find it to be garbage. The same goes for trying to observe the
return value with a debugger. This problem could easily be fixed by
declaring ret to be of type int.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-09 00:53 UTC
[Bug 2460] Non-zero return values are not properly returned from openssh_RSA_verify
https://bugzilla.mindrot.org/show_bug.cgi?id=2460
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |2451
Resolution|--- |FIXED
CC| |djm at mindrot.org
Status|NEW |RESOLVED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Fixed - thanks.
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2451
[Bug 2451] Bugs intended to be fixed in 7.2
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2460] Non-zero return values are not properly returned from openssh_RSA_verify
https://bugzilla.mindrot.org/show_bug.cgi?id=2460
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Apparently Analagous Threads
- [Bug 2451] New: Bugs intended to be fixed in 7.2
- [Bug 2503] New: The sshd log files are insufficient to detect sessions
- [Bug 2470] New: ssh-keygen reports wrong minimal passphrase length
- [Bug 2507] New: missing or misleading error messages
- [Bug 2469] New: ssh connection hangs indefinitely on EPIPE