similar to: [Bug 2540] New: Adds xstrndup() to xmalloc.h/xmalloc.c in OpenSSH 7.x

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5

Hello All, In reviewing some code in file 'bsd-cray.c', I found a possible issue where data in the following code may not be properly scrubbed in the case IA_BACKDOOR in function 'cray_setup', which is below: case IA_BACKDOOR: /* XXX: can we memset it to zero here so save some of this */ strlcpy(ue.ue_name, "root",

https://bugzilla.mindrot.org/show_bug.cgi?id=2539 Bug ID: 2539 Summary: Add missing sanity check for read_passphrase() in auth-pam.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: PAM support

>It''s not hard to support arbitrary alignment, at the cost of burning >some space. We should probably do that. The "we" in that last sentence is the Xen team ... referring to making fixes to xmalloc? -Tony _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

Hi list, (Please Cc: me in your replies because I'm not subscribed to this list.) While trying to build lukemftpd staticaly on FreeBSD, I got a link-time error. Libssh.a indeed provides the "xmalloc" symbol (I suppose there are more). I wonder if this is whether intentional or not. It is a very common function name, and I think it would be worth renaming it to something like

hi all, I got "xmalloc: out of memory" when i used ssh-keyscan to a remote host that is using SSH protocol 2 and only protocol 2 (no fallback to SSH protocol 1). Looks to me more like ssh-keyscan doesn't talk SSH protocol 2 to the server. Please help. Here is the exact error: # /usr/local/bin/ssh-keyscan -v miad_1 # miad_1 SSH-2.0-OpenSSH_3.0.2p1 xmalloc: out of memory

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Jakub Jelen <jjelen at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jjelen at redhat.com --- Comment #5 from Jakub Jelen <jjelen at redhat.com> --- This is related to the bug

This patch replaces the Xen xmalloc engine with tlsf, an allocation engine that is both more space efficient and time-bounded, especially for allocation sizes between PAGE_SIZE/2 and PAGE_SIZE. The file xmalloc.c is deprecated but not yet deleted. A simple switch of a comment line in common/Makefile will change back to the legacy xmalloc/xfree if needed for testing. Code adapted from Nitin

http://bugzilla.mindrot.org/show_bug.cgi?id=741 Summary: SSH with long banner has xmalloc error and disables the -q option Product: Portable OpenSSH Version: -current Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Sergey Ivanov <evasive.gyron at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1851|0 |1 is obsolete| | CC|

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #6 from Sergey Ivanov <evasive.gyron at gmail.com> --- Error is exactly as described by original author. ssh -A -I /usr/lib/libeToken.so -p example.net -vvv OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015 debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to example.com

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2713|0 |1 is obsolete| | --- Comment #7 from Damien Miller <djm at mindrot.org> ---

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #8 from Sergey Ivanov <evasive.gyron at gmail.com> --- Provided patch corrects the xmalloc error. Thanks. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.

I have a file of R code which I source(). The code has this structure: repeat { ## check size of each of sixteen files ## if any of the file sizes has increased, then ## read the last 65 lines of all the files ## do a few computations, make a plot } With the intention of using Ctrl-C to manually break the loop when desired. I set this thing running yesterday afternoon, and

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Summary: PKCS#11 authentication fails with "xmalloc: zero size" for some certificates. Product: Portable OpenSSH Version: 5.5p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Smartcard

>From: Luck, Tony >Sent: 2005年11月23日 0:11 >This comment: >> /* >> * The "aligned" directive can only _increase_ alignment, so this is >> * safe and provides an easy way to avoid wasting space on a >> * uni-processor: >> */ >suggests that we only expected SMP_CACHE_BYTES to be used in "aligned" >directives, where having

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Sergey Ivanov <evasive.gyron at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |--- Status|CLOSED |REOPENED --- Comment #4 from Sergey Ivanov

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Sergey Ivanov <evasive.gyron at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|5.5p1 |7.1p1 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 --- Comment #9 from Sergey Ivanov <evasive.gyron at gmail.com> --- Any updates on status of this patch? Will it be included in next release? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1773 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|1708 |2451 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=1708 [Bug 1708] Bugs intended to be fixed in