Subject: Re: SIGSEGV if using patch "keyb-interactive: allow zero length fields"

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 29 Jun 2011 11:49:53 +0200 (CEST)

On Wed, 29 Jun 2011, Alfred Gebert wrote:

>>> #2  0xb7b136d8 in userauth_keyboard_interactive (session=0x8084a40,
>>> username=0x8084810 "agebert", username_len=7,
>>>   response_callback=0xb7e83840 <kbd_callback>) at userauth.c:1616
>>
>> At this point (userauth.c:1616), is session->userauth_kybd_data NULL or what
>> does it point to?
>
> session->userauth_kybd_data is _not_ NULL.

Oh. Can you see from where it jumps to the cleanup label?

> Can you reproduce the bug?

I haven't even tried yet, I don't think I have any live keyboard-interactive
enabled servers around and I haven't set up a test server for it. I thought we
could start out with your tests and possibly figure it out based on this
alone.

-- 
  / daniel.haxx.se

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2011-06-29