On Mar 21 13:56-0400, Scott Duckworth wrote:
> On Fri, Mar 21, 2014 at 12:15 PM, Daniel Kahn Gillmor <dkg@xxxxxxxxxxxxxxxxx>
> wrote:
> > those limits suggest that the size is 128kiB on anything resembling a
> > modern Linux system.
>
> How about other platforms?

It looks like they are all over the place. See:
http://www.in-ulm.de/~mascheck/various/argmax/#results for some actual
numbers (however a lot of those seem to be pretty obscure *NIX variants).

> > ssh-keygen doesn't generate anything greater than 16384 bits (16Kib, or
> > 2KiB), and very few people use anything even close to that size. using
> > base64 encoding inflates the size to 4/3, so we're talking about < 3KiB
> > for the full base64-encoded, largest possible public key.
> >
> > More modern keys (EdDSA or ECDSA) are much much smaller.
> >
> > I'm glad you're thinking about size limits for env and argv, but i don't
> > think this is even close to the size limits of realistic systems.
>
> Even though ssh-keygen doesn't produce anything larger than 16384 bits,
> wouldn't it be possible for somebody to craft a key that is larger to
> attempt a buffer overflow?
<snip>

You can check sysconf(_SC_ARG_MAX) to get an idea of the size limit. See:
http://www.in-ulm.de/~mascheck/various/argmax/ for more detailed
information.

Also, setenv/putenv should return an error rather than overflow the buffer
if the variable is too large.

The only other concern would be a buffer overflow in the
AuthorizedKeysCommand. See:
https://www.owasp.org/index.php/Buffer_Overflow_via_Environment_Variables
for an example.

--
Eldon Koyle
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
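
The checks discussed in this message, as an added example that is not part of the original post and is not OpenSSH code: the caller tests the key length against a cap and sysconf(_SC_ARG_MAX) and checks setenv's return value, and the helper copies the variable into a fixed buffer only if it fits. The variable name `EXAMPLE_KEY_B64` and the 4096-byte cap are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* for setenv() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define KEY_ENV "EXAMPLE_KEY_B64" /* hypothetical variable name (assumption) */
#define MAX_KEY_B64 4096          /* assumed policy cap, not an OpenSSH value */

/* Padded base64 length of `bits` bits of raw key material. */
size_t b64_len_for_bits(size_t bits) {
    size_t bytes = (bits + 7) / 8;
    return 4 * ((bytes + 2) / 3);
}

/* Caller side: reject oversized keys, then export. 0 on success, -1 on error.
 * ARG_MAX covers argv and the whole environment, so this is a lower bound. */
int export_key(const char *b64) {
    long arg_max = sysconf(_SC_ARG_MAX);  /* -1 when the limit is indeterminate */
    size_t need = strlen(KEY_ENV) + 1 + strlen(b64) + 1;  /* "NAME=value\0" */
    if (strlen(b64) > MAX_KEY_B64 || (arg_max > 0 && need >= (size_t)arg_max)) {
        errno = E2BIG;
        return -1;
    }
    return setenv(KEY_ENV, b64, 1);       /* -1 with errno set on failure */
}

/* Helper side: bounded copy out of the environment. Returns length or -1. */
long read_key(char *dst, size_t dstsz) {
    const char *v = getenv(KEY_ENV);
    size_t len;
    if (v == NULL || (len = strlen(v)) >= dstsz)
        return -1;                        /* reject; never truncate or overflow */
    memcpy(dst, v, len + 1);
    return (long)len;
}

int main(void) {
    char buf[MAX_KEY_B64 + 1];
    printf("ARG_MAX: %ld\n", sysconf(_SC_ARG_MAX));
    printf("16384-bit modulus as base64: %zu bytes\n", b64_len_for_bits(16384));
    if (export_key("QUJD") != 0) {        /* constructed sample value */
        perror("export_key");
        return 1;
    }
    printf("helper read %ld bytes\n", read_key(buf, sizeof buf));
    return 0;
}
```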