[PATCH] authfile: do not check st_size if we munged it

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



From: Mike Frysinger <vapier@xxxxxxxxxxxx>

The recent change to sshkey_load_file to bump the default stat size from
0 up to 64KiB ends up breaking loading of keys in that scenario.  This is
because later in the function, we check to see if the amount of data we
read matches what we stat-ed, and since we changed it to 64KiB, we never
actually match (unless the key data happens to be 64KiB exactly).

Change the code to skip the sanity check in case we bumped it.

This shows up in the PNaCl version of ssh used by the SecureShell Chrome
extension: https://crbug.com/707941
---
 authfile.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/authfile.c b/authfile.c
index 7411b68f6e42..557e0205ab97 100644
--- a/authfile.c
+++ b/authfile.c
@@ -133,7 +133,8 @@ sshkey_load_file(int fd, struct sshbuf *blob)
 			goto out;
 		}
 	}
-	if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
+	if (dontmax == 0 &&
+	    (st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
 	    st.st_size != (off_t)sshbuf_len(blob)) {
 		r = SSH_ERR_FILE_CHANGED;
 		goto out;
-- 
2.12.0

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux