Thanks,

What version of OpenSSH is this? Also, when reporting fuzzer-derived
problems it really helps to include the test-case.

-d

On Sun, 29 Mar 2015, Hanno Böck wrote:

> Hi,
>
> When ssh accesses a config file that contains a zero byte it'll expose
> a stack overflow. This can only be seen with valgrind or with compiling
> ssh with address sanitizer. I'll attach the address sanitizer and
> valgrind output.
>
> Reproduce:
> dd if=/dev/zero of=zero bs=1 count=1
> valgrind -q ssh -F zero x
>
> This was found while fuzzing ssh with american fuzzy lop.
>
> (Please CC me on replies, I'm not subscribed to the list.)
>
> cu,
> --
> Hanno Böck
> http://hboeck.de/
>
> mail/jabber: hanno@xxxxxxxxx
> GPG: BBB51E42