Date: Mon, 2 Nov 1998 13:21:49 -0800 (PST) From: Christopher Nielsen <enkhyl@scient.com> To: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> Cc: freebsd-security@FreeBSD.ORG, winter@jurai.net Subject: Re: SSH vsprintf patch. (You've been warned Mr. Glass) Message-ID: <Pine.BSF.4.05.9811021317410.442-100000@ender.sf.scient.com> In-Reply-To: <98Nov2.132551est.40330@border.alcanet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2 Nov 1998, Peter Jeremy wrote: > Date: Mon, 2 Nov 1998 13:26:18 +1100 > From: Peter Jeremy <peter.jeremy@auss2.alcatel.com.au> > To: freebsd-security@FreeBSD.ORG, winter@jurai.net > Subject: Re: SSH vsprintf patch. (You've been warned Mr. Glass) > > "Matthew N. Dodd" <winter@jurai.net> wrote: > > At this point there isn't any reason not to go about fixing these > >potential problems though. > > ssh also contains a large number of sprintf() calls. Not all of these > are immediately innocuous. There are also 2 sscanf() calls with %s > formats which could be dangerous. Not to mention the str[n]cat() and > str[n]cpy() calls. Unfortunately I have another bushfire to worry > about right now, or I'd check through them as well. > > The problem with C is that there are too many ways to shoot yourself > in the foot... A full security audit on ssh (which it sounds like it > might need) would be fairly time-consuming. It might be time better spent rewriting SSH. SSH 1.2.x is suffering from serious bloat, IMHO. Yes, I know about version 2.x; I'm just not particularly happy with the license. -- Christopher Nielsen Scient: The Art and Science of Electronic Business <http://www.scient.com>; cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9811021317410.442-100000>