On Mon, 25 Jun 2018 22:19:11 +0200, Paul de Weerd wrote:
> It comes from this bit in usr.bin/ssh/dh.c:
>
> linenum = 0;
> which = arc4random_uniform(bestcount);
"bestcount" is always > 1, but "which" is in the range [0, bestcount)
where we really want it to be [1, bestcount]
I think you are correct that this is an off-by-one error
that which should be incremented, .e.g.
which = arc4random_uniform(bestcount) + 1;
> while (getline(&line, &linesize, f) != -1) {
> linenum++;
> if (!parse_prime(linenum, line, &dhg))
> continue;
> if ((dhg.size > max || dhg.size < min) ||
> dhg.size != best ||
> linenum++ != which) {
> BN_clear_free(dhg.g);
> BN_clear_free(dhg.p);
> continue;
> }
> break;
> }
> free(line);
> line = NULL;
> fclose(f);
> if (linenum != which+1) {
> logit("WARNING: line %d disappeared in %s, giving up",
> which, _PATH_DH_MODULI);
> return (dh_new_group_fallback(max));
> }
