On Wed, Sep 07, 2011 at 09:39:11AM +1000, Stuart Longland wrote: > > One can only hope dropbear_exit is to terminate the connection and not > the daemon. I haven't spotted where common_channel.c is lurking in CVS.
That's correct - dropbear_exit() exits the current process, but each connection runs as a separate process. So all the bad input can do is close the current connection, the same as with any TCP stream. > Is it too difficult to move up to the latest release? Perhaps the > "problem" was fixed there, as I don't see it in CVS? The CVS repository is 7 years out of date. Currently there's monotone.ucc.asn.au branch au.asn.ucc.matt.dropbear, though unfortunately the web interface is broken. I'm intending to migrate it to Mercurial but all my attempts so far haven't been successful at keeping branch history intact. Cheers, Matt
