Re: Calysto v1.5 reports on ssh v4.6p1
This is a discussion on Re: Calysto v1.5 reports on ssh v4.6p1 within the OpenSSH Development forums, part of the Networking and Network Related category; Domagoj Babic wrote: > New version of Calysto reports a warning that looks like a bug to me: > > ------------------------------------------ &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-12-2007
|
|||
|
|||
Re: Calysto v1.5 reports on ssh v4.6p1
Domagoj Babic wrote:
> New version of Calysto reports a warning that looks like a bug to me: > > ------------------------------------------ > Possible NULL-ptr deref (vc27053): > @/work/projects/llvm/tools/Calysto/IfaceSpecs/clib.c:1823 > Bug: ?? > Explanation: > > choose_dh (dh.c:111) calls fopen twice (@120). If the first call to > fopen fails (returns NULL), but the second one succeeds, fgets (@129) is > called with f==NULL. I don't follow. If the second call to fopen succeeds, f is a valid FILE pointer returned by the second fopen call, not NULL. If both fail, the function logs a warning,returns DH group 14 and never reaches the fgets. 120 if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && 121 (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { 122 logit("WARNING: %s does not exist, using fixed modulus", 123 _PATH_DH_MODULI); 124 return (dh_new_group14()); 125 } 126 127 linenum = 0; 128 best = bestcount = 0; 129 while (fgets(line, sizeof(line), f)) { -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
