search for: 9bfa2215

Hi, When ssh accesses a config file that contains a zero byte it'll expose a stack overflow. This can only be seen with valgrind or with compiling ssh with address sanitizer. I'll attach the address sanitizer and valgrind output. Reproduce: dd if=/dev/zero of=zero bs=1 count=1 valgrind -q ssh -F zero x This was found while fuzzing ssh with american fuzzy lop. (Please CC me on replies,

...abber: hanno at hboeck.de GPG: BBB51E42 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150330/9bfa2215/attachment.bin>