openssh bugs - Nov 2015 - [Bug 2500] New: ConnectionAttempts=0 causes ssh to output uninitialised data on stdout

https://bugzilla.mindrot.org/show_bug.cgi?id=2500

            Bug ID: 2500
           Summary: ConnectionAttempts=0 causes ssh to output
                    uninitialised data on stdout
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: dvw at phas.ubc.ca

Using ssh with ConnectionAttempts set to zero results in the contents
of uninitialised memory being sent to stdout.  For example:

$ ssh -o ConnectionAttempts=0 somehost
ssh: connect to host somehost port \200\335q\002\374\177: Success

Cause:

When ssh_connect_direct() is passed connection_attempts=0, the
strport[] buffer is never initialised, since the whole attempt loop is
skipped.  Its contents are later output in the error message after the
skipped loop (sshconnect.c:485).

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2500

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Blocks|                            |2451
                 CC|                            |djm at mindrot.org
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Fixed in
https://anongit.mindrot.org/openssh.git/commit/?id=88b6fcdeb87a2fb76767854d9eb15006662dca57
- thanks. This will be released in OpenSSH 7.2


Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=2451
[Bug 2451] Bugs intended to be fixed in 7.2
-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2500

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after release of OpenSSH 7.7.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.