Regression in 6.5p1 when using -W option

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Hi,

we got a report on the Cygwin mailing list showing that there's a
spurious error message when using the -W option.  This didn't occur with
OpenSSH 6.4p1.  Here's an example:

  $ ssh machine1 -W machine2:22
  getsockname failed: Bad file descriptor
  SSH-2.0-OpenSSH_6.1

The error message is a result of getsockname being called with a
file descriptor -1.  The call stack at the time looks like this:

Breakpoint 2, get_socket_address (sock=-1, remote=remote@entry=0,
    flags=flags@entry=2) at /usr/src/debug/openssh-6.5p1-1/canohost.c:256
256                     if (getsockname(sock, (struct sockaddr *)&addr, &addrlen)
(gdb) bt
#0  get_socket_address (sock=-1, remote=remote@entry=0, flags=flags@entry=2)
    at /usr/src/debug/openssh-6.5p1-1/canohost.c:256
#1  0x0000000100432213 in get_local_ipaddr (sock=<optimized out>)
    at /usr/src/debug/openssh-6.5p1-1/canohost.c:292
#2  0x0000000100418db5 in port_open_helper (c=c@entry=0x600074700,
    rtype=rtype@entry=0x10045fe0d <log_facilities+301> "direct-tcpip")
    at /usr/src/debug/openssh-6.5p1-1/channels.c:1388
#3  0x000000010041dc07 in channel_connect_stdio_fwd (
    host_to_connect=0x600039800 "machine2", port_to_connect=22, in=in@entry=4,
    out=5) at /usr/src/debug/openssh-6.5p1-1/channels.c:1269
#4  0x0000000100401566 in ssh_init_stdio_forwarding ()
    at /usr/src/debug/openssh-6.5p1-1/ssh.c:1260
#5  0x0000000100454171 in ssh_session2 ()
    at /usr/src/debug/openssh-6.5p1-1/ssh.c:1606
#6  main (ac=<optimized out>, av=<optimized out>)
    at /usr/src/debug/openssh-6.5p1-1/ssh.c:1130

This is not Cygwin specific.  To be really sure I tested this on Linux
and the message shows up, too, while it doesn't with 6.4p1.  The problem
is still present in current portable CVS.

The reason is that port_open_helper calls get_local_ipaddr on c->socl
unconditionally in port_open_helper without checking the value of
c->sock first.

I didn't generate a patch because I'm not really sure what's the best
way to fix this issue.  Hope that helps nevertheless.


Thanks,
Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat

Attachment: pgp0nlQmyliLu.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux