bugzilla-daemon at mindrot.org
2023-Jun-14 14:13 UTC
[Bug 3579] New: OpenSSH trims last character of fixed-length buffers received from the pkcs11 providers providing users with inaccurate information
https://bugzilla.mindrot.org/show_bug.cgi?id=3579

            Bug ID: 3579
           Summary: OpenSSH trims last character of fixed-length buffers
                    received from the pkcs11 providers providing users
                    with inaccurate information
           Product: Portable OpenSSH
           Version: 9.3p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: Smartcard
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jjelen at redhat.com

The rmspace() function is removing the last character from the fixed-length
buffers to make sure they are safe for handling with standard functions
such as printf and null terminated. But this is problematic when the buffer
is full, which is common for the serial number.

Right now, these buffers are not used for anything other than debug
information and the PIN prompt, so it should be safe not to remove the last
character and use printf()'s precision modifier to make sure we do not go
over the buffer limits.

https://github.com/openssh/openssh-portable/pull/406

--
You are receiving this mail because:
You are watching the assignee of the bug.
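An added illustration of the behaviour reported above, not code from OpenSSH or from the referenced pull request: a 16-byte blank-padded field (the PKCS#11 CK_TOKEN_INFO serialNumber layout) printed after in-place NUL termination and, for comparison, printed untouched with a precision-bounded "%.*s". All helper names and the sample serial numbers are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define SERIAL_LEN 16 /* CK_TOKEN_INFO.serialNumber: 16 bytes, blank padded, no NUL */
static const char FULL_SERIAL[] = "0123456789ABCDEF"; /* constructed: fills the field */

/* Behaviour the report describes (hypothetical helper, not OpenSSH's code):
 * overwrite the last byte with NUL, then strip trailing blanks in place. */
static void trim_in_place(unsigned char *buf, size_t len)
{
    if (len == 0) return;
    buf[--len] = '\0';              /* a full field loses a real character here */
    while (len > 0 && buf[len - 1] == ' ')
        buf[--len] = '\0';
}

/* Alternative: leave the buffer alone and compute how many bytes to print. */
static int field_len(const unsigned char *buf, size_t len)
{
    while (len > 0 && buf[len - 1] == ' ')
        len--;
    return (int)len;
}

/* Old path: trim, then treat the field as a C string. */
static const char *show_trimmed(const char *serial, char *out, size_t outlen)
{
    unsigned char field[SERIAL_LEN];
    memcpy(field, serial, SERIAL_LEN);
    trim_in_place(field, SERIAL_LEN);
    snprintf(out, outlen, "%s", (const char *)field);
    return out;
}

/* New path: the precision caps the read at the field size, so no NUL is needed. */
static const char *show_precision(const char *serial, char *out, size_t outlen)
{
    unsigned char field[SERIAL_LEN];
    memcpy(field, serial, SERIAL_LEN);
    snprintf(out, outlen, "%.*s", field_len(field, SERIAL_LEN), (const char *)field);
    return out;
}

int main(void)
{
    char a[SERIAL_LEN + 1], b[SERIAL_LEN + 1];
    printf("trimmed: %s\nprecision: %s\n", show_trimmed(FULL_SERIAL, a, sizeof(a)),
           show_precision(FULL_SERIAL, b, sizeof(b)));
    return 0;
}
```

A serial shorter than the field prints identically on both paths; only a field with no padding left shows the dropped character.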
bugzilla-daemon at mindrot.org
2023-Aug-22 23:51 UTC
[Bug 3579] OpenSSH trims last character of fixed-length buffers received from the pkcs11 providers providing users with inaccurate information
https://bugzilla.mindrot.org/show_bug.cgi?id=3579

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED
             Blocks|                            |3549
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
This was fixed in 6958f00acf3b9 and released in OpenSSH 9.4

Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=3549
[Bug 3549] Tracking bug for OpenSSH 9.4

--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.