bugzilla-daemon at mindrot.org
2022-Apr-21 19:01 UTC
[Bug 3425] New: sshauthopt_new() call in auth_restrict_session in auth.c has no NULL check
https://bugzilla.mindrot.org/show_bug.cgi?id=3425 Bug ID: 3425 Summary: sshauthopt_new() call in auth_restrict_session in auth.c has no NULL check Product: Portable OpenSSH Version: v9.0p1 Hardware: Other OS: Windows 11 Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: tessgauthier at microsoft.com sshauthopt_net() is an unguarded null returned reference: void auth_restrict_session(struct ssh *ssh) { struct sshauthopt *restricted; debug_f("restricting session"); /* A blank sshauthopt defaults to permitting nothing */ restricted = sshauthopt_new(); restricted->permit_pty_flag = 1; restricted->restricted = 1; if (auth_activate_options(ssh, restricted) != 0) fatal_f("failed to restrict session"); sshauthopt_free(restricted); } -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-22 00:55 UTC
[Bug 3425] sshauthopt_new() call in auth_restrict_session in auth.c has no NULL check
https://bugzilla.mindrot.org/show_bug.cgi?id=3425 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |3418 CC| |dtucker at dtucker.net Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=3418 [Bug 3418] tracking bug for openssh-9.1 -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Apr-29 03:30 UTC
[Bug 3425] sshauthopt_new() call in auth_restrict_session in auth.c has no NULL check
https://bugzilla.mindrot.org/show_bug.cgi?id=3425 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #1 from Darren Tucker <dtucker at dtucker.net> --- Applied, thanks: https://github.com/openssh/openssh-portable/commit/67b7c784769c74fd4d6b147d91e17e1ac1a8a96d -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 10:58 UTC
[Bug 3425] sshauthopt_new() call in auth_restrict_session in auth.c has no NULL check
https://bugzilla.mindrot.org/show_bug.cgi?id=3425 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Closing bugs from openssh-9.1 release cycle -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.