Hi,

I'm seeing a couple of issues with regard to password-based authentication in libnetconf.
Can these issues be fixed?
Thanks in advance.

Memory leak in callback_sshauth_publickey_default

We are allocating memory at line 162, but are returning NULL at some places on error without freeing the memory.

```c
buf = malloc (buflen * sizeof(char));
if (buf == NULL) {
    ERROR("Memory allocation failed (%s:%d - %s).", __FILE__, __LINE__, strerror(errno));
    return (NULL);
}
if ((tty = fopen("/dev/tty", "r+")) == NULL) {
    ERROR("Unable to open the current terminal (%s:%d - %s).", __FILE__, __LINE__, strerror(errno));
    return (NULL);
}
if (tcgetattr(fileno(tty), &oldterm) != 0) {
    ERROR("Unable to get terminal settings (%d: %s).", __LINE__, strerror(errno));
    return (NULL);
}
```

nc_session_connect_libssh_socket doesn't handle the NULL returned by callback_sshauth_publickey_default

In ssh.c line 297, we don't do a NULL check and start using the returned value, resulting in a crash in libssh eventually.

```c
s = callbacks.sshauth_password(username, host);
while ((ret_auth = ssh_userauth_password(retval->ssh_sess, username, s)) == SSH_AUTH_AGAIN) {
```

Best regards,
Parameswaran
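
The two problems reported above, shown with one possible remedy as an added example; this is not libnetconf's code or the project's fix. The names `prompt_password`, `authenticate`, `fake_userauth`, `xmalloc`/`xfree`, the `tty_path` parameter and the `live_allocs` counter are assumptions made so the error paths can be exercised without a terminal or libssh.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>

/* Demo-only counters: outstanding allocations, and calls that reached the auth layer. */
static int live_allocs = 0, auth_calls = 0;

static void *xmalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Hypothetical prompt helper: every failure leaves through one cleanup label,
 * so the buffer and the FILE handle are released on all error paths. */
static char *prompt_password(const char *tty_path, size_t buflen)
{
    struct termios oldterm, newterm;
    FILE *tty = NULL;
    char *result = NULL;
    char *buf = xmalloc(buflen);

    if (buf == NULL) goto cleanup;
    if ((tty = fopen(tty_path, "r+")) == NULL) goto cleanup;
    if (tcgetattr(fileno(tty), &oldterm) != 0) goto cleanup;
    newterm = oldterm;
    newterm.c_lflag &= ~(tcflag_t)ECHO;      /* hide typed characters */
    if (tcsetattr(fileno(tty), TCSAFLUSH, &newterm) != 0) goto cleanup;
    if (fgets(buf, (int)buflen, tty) != NULL) {
        buf[strcspn(buf, "\n")] = '\0';
        result = buf;                        /* ownership moves to the caller */
        buf = NULL;
    }
    tcsetattr(fileno(tty), TCSAFLUSH, &oldterm);
cleanup:
    if (tty != NULL) fclose(tty);
    xfree(buf);                              /* no-op after a successful read */
    return result;
}

/* Stand-in for the SSH password-auth call; it dereferences its argument. */
static int fake_userauth(const char *pw) { auth_calls++; return pw[0] ? 0 : -1; }

static int authenticate(const char *tty_path)
{
    char *s = prompt_password(tty_path, 64);
    int ret;
    if (s == NULL) return -1;                /* stop before NULL reaches the auth call */
    ret = fake_userauth(s);
    xfree(s);
    return ret;
}

int main(void) { return authenticate("/dev/tty") == 0 ? 0 : 1; }
```
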