[Bug 2989] Revoking certificates when TrustedUserCAKeys-file contains multiple keys does not work

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2989

Damien Miller  changed:

   What|Removed |Added

 Resolution|--- |WORKSFORME
 Status|NEW |RESOLVED

--- Comment #2 from Damien Miller  ---
Closing for lack of followup

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2976] Avoid automatically adding RemoteCommand option

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2976

Damien Miller  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |WONTFIX
 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
I think this case could be satisfied using `scp -J` (jumphost). In any
case, we won't add an option for this particular case, sorry - it's a
bit too niche.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2966] scp client-side filename matching problems

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2966

Damien Miller  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED

--- Comment #6 from Damien Miller  ---
I just committed something similar:
https://github.com/openssh/openssh-portable/commit/c97520d23d1fe53d30725a2af25d26f2faff

Since this bug was opened, we also switched the default protocol for
scp from the old rcp protocol to SFTP, which performs all glob
expansion on the client and so doesn't suffer from these problems.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2957] servconf.c: parse_multistate: does not allow override?

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2957

Damien Miller  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |WORKSFORME

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2917] keepalive packets are sent twice each interval if connection is interrupted

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2917

Damien Miller  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|NEW |RESOLVED
 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
I think this got fixed in 9d7193a835963 if it wasn't already fixed
during refactoring.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2899] scp remote-to-remote does not work with IPv6 addresses anymore

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2899

Damien Miller  changed:

   What|Removed |Added

 CC||d...@mindrot.org
 Status|NEW |RESOLVED
 Resolution|--- |FIXED

--- Comment #1 from Damien Miller  ---
This seems to have been fixed at some point. Both

scp [::1]:/bin/ls [::1]:/tmp
scp -O [::1]:/bin/ls [::1]:/tmp

work for me. Please reopen if otherwise.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2861] LDAP user with public key authentication showing AUTHSTATE=compat

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2861

Damien Miller  changed:

   What|Removed |Added

 Resolution|--- |WORKSFORME
 Status|NEW |RESOLVED
 CC||d...@mindrot.org

--- Comment #6 from Damien Miller  ---
Closing; no followup from reporter for 5+ years

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2856] key-options.sh fails when pty /dev/ttyp1 is not owned by testing user

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2856

--- Comment #5 from Damien Miller  ---
Is this still broken? AFAIK we regularly run integration tests on
NetBSD and it they are working okay.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2833] The code in opennsd-compat/port-solaris.c should not change PRIV_LIMIT when PRIV_XPOLICY is set.

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2833

Damien Miller  changed:

   What|Removed |Added

 CC||dtuc...@dtucker.net
   Attachment #3740||ok?(dtuc...@dtucker.net)
  Flags||

--- Comment #7 from Damien Miller  ---
Created attachment 3740
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3740=edit
same patch

Here's the same patch attached for easier review/committing.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2830] Add option to set TCP_USER_TIMEOUT on linux

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=2830

Damien Miller  changed:

   What|Removed |Added

 CC||d...@mindrot.org

--- Comment #3 from Damien Miller  ---
Isn't this use-case already handled by
ClientAliveInterval/ClientAliveCountMax and the corresponding client
option? These allow termination of connections for all kinds of network
interruptions, not just link drops.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3613] Unable to sign using certificates and PKCS#11

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3613

--- Comment #6 from Damien Miller  ---
(In reply to aim from comment #5)

> Oh yeah, I can see it already uses softhsm. Should be easy enough to
> port. I can try giving it a go if you like? Have you made any
> progress on the patch, is there anything I can help with?


Sorry, I've been away and haven't had time to look at it. Getting the
agent-pkcs11.sh regress test going (and failing) with certs would be a
great help if you're able.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3627] openssh 9.4p1 does not see RSA keys in know_hosts file.

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3627

Darren Tucker  changed:

   What|Removed |Added

 CC||dtuc...@dtucker.net

--- Comment #2 from Darren Tucker  ---
A long shot but does your OpenSSL build pass its self-tests?  ("cd
openssl && make tests").

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3627] openssh 9.4p1 does not see RSA keys in know_hosts file.

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3627

Damien Miller  changed:

   What|Removed |Added

 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
Created attachment 3739
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3739=edit
additional debuigging for known_hosts

Please try applying this patch and running ssh in debug mode again. The
patch adds some additional diagnostics that might help figure out
what's happening here.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3626] potentially uninitialized local pointer in sshkey_ecdsa_key_to_nid() in sshkey.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3626

Damien Miller  changed:

   What|Removed |Added

 Resolution|--- |INVALID
 Status|NEW |RESOLVED
 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
Another false positive. There is no uninitialised use of `eg` 

https://github.com/openssh/openssh-portable/blob/V_9_5_P1/sshkey.c#L1348

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3625] potentially uninitialized local pointer in send_handle() in sftp-server.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3625

Damien Miller  changed:

   What|Removed |Added

 CC||d...@mindrot.org
 Status|NEW |RESOLVED
 Resolution|--- |INVALID

--- Comment #1 from Damien Miller  ---
Another false positive. handle_to_string() initalises handle. Please
don't post untriaged compiler warnings as bugs.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3624] potentially uninitialized local pointers in assemble_algorithms() in servconf.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3624

Damien Miller  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID
 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
This is definitely a bogus warning. The pointers in question are
initialised in the lines immediately following declaration:

https://github.com/openssh/openssh-portable/blob/V_9_5_P1/servconf.c#L212-L226

Please spend a moment to validate compiler warnings before posting them
as bugs here.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3623] potentially uninitialized local pointers in fill_default_options() in readconf.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3623

Damien Miller  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |INVALID
 CC||d...@mindrot.org

--- Comment #1 from Damien Miller  ---
All these pointers are unconditionally initialised before use:

https://github.com/openssh/openssh-portable/blob/V_9_5_P1/readconf.c#L2784-L2794

If you have evidence otherwise beyond a compiler warning then please
reopen this bug.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3627] New: openssh 9.4p1 does not see RSA keys in know_hosts file.

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3627

Bug ID: 3627
   Summary: openssh 9.4p1 does not see RSA keys in know_hosts
file.
   Product: Portable OpenSSH
   Version: 9.4p1
  Hardware: SPARC
OS: Solaris
Status: NEW
  Severity: major
  Priority: P5
 Component: ssh
  Assignee: unassigned-b...@mindrot.org
  Reporter: bugzi...@outputservices.com

Created attachment 3738
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3738=edit
pdf of my issue

I have compiled openssh 9.4p1 using the following compile command:

configure CFLAGS="-g -O3
-L/usr/local/tools/openssh/openssh/openssl/lib/64
-R/usr/local/tools/openssh/openssh/openssl/lib/64 
-I/usr/local/tools/openssh/openssh/openssl/include/openssl" CC="gcc
-m64" --without-zlib-version-check --without-openssl-header-check
--with-pam --prefix=/usr/local/tools/openssh/openssh/openssh

Here is the version:

< user_lamborghini ~/.ssh: > ssh -V
OpenSSH_9.4p1, OpenSSL 3.1.2 1 Aug 2023
< user_lamborghini ~/.ssh: > 

I do not have any knowHost file in my directory

< user_lamborghini ~/.ssh: > ls -l
total 6
-rw-r--r--   1 user user 221 Mar 18  2012 authorized_keys
-rw-r--r--   1 user user  26 Aug 30 10:12 config
-rw-r--r--   1 user user 302 Sep  7 10:57 env
< user_lamborghini ~/.ssh: > 

I connect the first time it asks me to accept the RSA host key.

< user_lamborghini ~/.ssh: > ssh user@10.106.101.142
The authenticity of host '10.106.101.142 (10.106.101.142)' can't be
established.
RSA key fingerprint is
SHA256:lG+1WuVSfR9Frovpc3XXp/AvPK4LpRKSfLEe+6eai9w.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
yes
Warning: Permanently added '10.106.101.142' (RSA) to the list of known
hosts.

I finish logging in. 
user@10.106.101.142's password: 

### 
# 
# WRKSTN42
# 
### 

WARNING: This is a restricted access server. If you do not have 
explicit permission to access this server, please disconnect 
immediately. Unauthorized access to this system is considered gross 
misconduct and may result in disciplinary action, including revocation 
of network access privileges, immediate termination of employment,
and/or 
prosecution to the fullest extent of the law.  

Last login: Mon Oct  9 11:00:11 2023 from 10.10.10.62
#]0;user@wrkstn42: ~#user@wrkstn42:~$ exit
logout
Connection to 10.106.101.142 closed.
< user_lamborghini ~/.ssh: > 

Now I have TWO known_hosts files.  known_hosts and known_hosts.old.

< user_lamborghini ~/.ssh: > ls -l
total 10
-rw-r--r--   1 user user 221 Mar 18  2012 authorized_keys
-rw-r--r--   1 user user  26 Aug 30 10:12 config
-rw-r--r--   1 user user 302 Sep  7 10:57 env
-rw---   1 user user 792 Oct  9 11:19 known_hosts
-rw-r--r--   1 user user 396 Oct  9 11:19 known_hosts.old
< user_lamborghini ~/.ssh: > more known*

Here are the entries in the  known_hosts files:

::
known_hosts
::
10.106.101.142 ssh-rsa
B3NzaC1yc2EDAQABAAABAQDwCIAibDePAymJF3HY4JbLrwp3fXzdTkIi7rcRleoT3E7AxFo+dyQiWsuIRo93KUX4vftYxA7ZMIAuxrrkV/DkTh8MREGRJUR/tWE9w4r4EiGwJdV+mOWzvgYzjQIfeHx76f9zF17YsACbL3riPdWKxVvq80UPIYIkBfUdWbEYCZ1isFMUYgFbB/gE9RjyNmW3LbBiROa+8owMWOKEaZ0Pk3Cewo4gBBekx/zv4qSsM5i4J5OnTxbgUf2hCrvXAforHMGQ1JjsU+wNYScscDLWDh8vwVFTQDnwzQNifPh3j0XNN60xev3717Jz9Aa99NskCYNtOEpd6YHv23BwzaTx
10.106.101.142 ssh-rsa
B3NzaC1yc2EDAQABAAABAQDwCIAibDePAymJF3HY4JbLrwp3fXzdTkIi7rcRleoT3E7AxFo+dyQiWsuIRo93KUX4vftYxA7ZMIAuxrrkV/DkTh8MREGRJUR/tWE9w4r4EiGwJdV+mOWzvgYzjQIfeHx76f9zF17YsACbL3riPdWKxVvq80UPIYIkBfUdWbEYCZ1isFMUYgFbB/gE9RjyNmW3LbBiROa+8owMWOKEaZ0Pk3Cewo4gBBekx/zv4qSsM5i4J5OnTxbgUf2hCrvXAforHMGQ1JjsU+wNYScscDLWDh8vwVFTQDnwzQNifPh3j0XNN60xev3717Jz9Aa99NskCYNtOEpd6YHv23BwzaTx

::
known_hosts.old
::
10.106.101.142 ssh-rsa
B3NzaC1yc2EDAQABAAABAQDwCIAibDePAymJF3HY4JbLrwp3fXzdTkIi7rcRleoT3E7AxFo+dyQiWsuIRo93KUX4vftYxA7ZMIAuxrrkV/DkTh8MREGRJUR/tWE9w4r4EiGwJdV+mOWzvgYzjQIfeHx76f9zF17YsACbL3riPdWKxVvq80UPIYIkBfUdWbEYCZ1isFMUYgFbB/gE9RjyNmW3LbBiROa+8owMWOKEaZ0Pk3Cewo4gBBekx/zv4qSsM5i4J5OnTxbgUf2hCrvXAforHMGQ1JjsU+wNYScscDLWDh8vwVFTQDnwzQNifPh3j0XNN60xev3717Jz9Aa99NskCYNtOEpd6YHv23BwzaTx
< user_lamborghini ~/.ssh: > 

It is put in the known_hosts two times and known_hosts.old one time.

Now I log into the same workstation again and I get this error:

parse error in hostkeys file


< user_lamborghini ~/.ssh: > ssh -v user@10.106.101.142
OpenSSH_9.4p1, OpenSSL 3.1.2 1 Aug 2023
debug1: Reading configuration data /export/home/user/.ssh/config
debug1: Reading configuration data
/usr/local/tools/openssh/openssh_9.4.3.1.2/openssh/etc/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve;
disabling
debug1: Connecting to 10.106.101.142 [10.106.101.142] port 22.
debug1: Connection

[Bug 3626] New: potentially uninitialized local pointer in sshkey_ecdsa_key_to_nid() in sshkey.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3626

Bug ID: 3626
   Summary: potentially uninitialized local pointer in
sshkey_ecdsa_key_to_nid() in sshkey.c
   Product: Portable OpenSSH
   Version: 9.5p1
  Hardware: All
OS: All
Status: NEW
  Severity: trivial
  Priority: P5
 Component: ssh
  Assignee: unassigned-b...@mindrot.org
  Reporter: tessgauth...@microsoft.com

Overview:
eg is uninitialized.

int
sshkey_ecdsa_key_to_nid(EC_KEY *k)
{
EC_GROUP *eg;
...
}

Expected Result:
EC_GROUP *eg = NULL;

Additional Information:
Corresponding compiler warning -
https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-4-c4703?view=msvc-170=%3FappId%3DDev16IDEF1%26l%3DEN-US%26k%3Dk(C4703)%26rd%3Dtrue

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3625] New: potentially uninitialized local pointer in send_handle() in sftp-server.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3625

Bug ID: 3625
   Summary: potentially uninitialized local pointer in
send_handle() in sftp-server.c
   Product: Portable OpenSSH
   Version: 9.5p1
  Hardware: All
OS: All
Status: NEW
  Severity: trivial
  Priority: P5
 Component: sftp-server
  Assignee: unassigned-b...@mindrot.org
  Reporter: tessgauth...@microsoft.com

Overview:
string is uninitialized.

static void
send_handle(u_int32_t id, int handle)
{
u_char *string;
int hlen;

handle_to_string(handle, , );
debug("request %u: sent handle %d", id, handle);
send_data_or_handle(SSH2_FXP_HANDLE, id, string, hlen);
free(string);
}

Expected Result:
u_char *string = NULL;

Additional Information:
Corresponding compiler warning -
https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-4-c4703?view=msvc-170=%3FappId%3DDev16IDEF1%26l%3DEN-US%26k%3Dk(C4703)%26rd%3Dtrue

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3624] New: potentially uninitialized local pointers in assemble_algorithms() in servconf.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3624

Bug ID: 3624
   Summary: potentially uninitialized local pointers in
assemble_algorithms() in servconf.c
   Product: Portable OpenSSH
   Version: 9.5p1
  Hardware: All
OS: All
Status: NEW
  Severity: trivial
  Priority: P5
 Component: sshd
  Assignee: unassigned-b...@mindrot.org
  Reporter: tessgauth...@microsoft.com

Overview:

*def_cipher, *def_mac, *def_kex, *def_key, *def_sig are uninitialized
pointers.

static void
assemble_algorithms(ServerOptions *o)
{
char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;
char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig;
int r;
...
}

Expected:
char *def_cipher = NULL, *def_mac = NULL, *def_kex = NULL, *def_key =
NULL, *def_sig = NULL;

Additional Information:
Corresponding compiler warning -
https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-4-c4703?view=msvc-170=%3FappId%3DDev16IDEF1%26l%3DEN-US%26k%3Dk(C4703)%26rd%3Dtrue

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3623] New: potentially uninitialized local pointers in fill_default_options() in readconf.c

2023-10-10 Thread bugzilla-daemon 
https://bugzilla.mindrot.org/show_bug.cgi?id=3623

Bug ID: 3623
   Summary: potentially uninitialized local pointers in
fill_default_options() in readconf.c
   Product: Portable OpenSSH
   Version: 9.5p1
  Hardware: All
OS: All
Status: NEW
  Severity: trivial
  Priority: P5
 Component: ssh
  Assignee: unassigned-b...@mindrot.org
  Reporter: tessgauth...@microsoft.com

Overview:

*def_cipher, *def_mac, *def_kex, *def_key, *def_sig are uninitialized
pointers.

int
fill_default_options(Options * options)
{
char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;
char *def_cipher, *def_mac, *def_kex, *def_key, *def_sig;
int ret = 0, r;

...
}

Expected:
char *def_cipher = NULL, *def_mac = NULL, *def_kex = NULL, *def_key =
NULL, *def_sig = NULL;

Additional Information:
Corresponding compiler warning -
https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-4-c4703?view=msvc-170=%3FappId%3DDev16IDEF1%26l%3DEN-US%26k%3Dk(C4703)%26rd%3Dtrue

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs