This was fixed upstream a while back in response to you reporting it
directly to them
(https://anongit.mindrot.org/openssh.git/commit/?id=5db6fbf1438b108e5df3e79a1b4de544373bc2d4);
that fix was in OpenSSH 7.7p1 and is thus in cosmic.  It might not be a
bad idea to backport this fix to xenial and bionic, so I've opened bug
tasks for that.

** Also affects: openssh (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: openssh (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: openssh (Ubuntu)
       Status: New => Fix Released

https://bugs.launchpad.net/bugs/1734040

Title:
  openssh: The concurrency of settimeofday and ssh connect would lead to
  coredump

Status in openssh package in Ubuntu:
  Fix Released
Status in openssh source package in Xenial:
  New
Status in openssh source package in Bionic:
  New

Bug description:
  Hi, pals:
  We found a coredump when we do an ssh connection. The basic information is as follows:
  The stack trace in the coredump:
  (gdb) bt
  #0 0x20007510 in raise () from /lib/libc.so.6
  #1 0x2000c718 in abort () from /lib/libc.so.6
  #2 0x2053d42c in __mulvsi3 (a=, b=) at /home/l00194794/yocto/c08_sdk/sdk/build/script/cpu_hcc/ppc-linux/../../../toolchain_soft/ppc-linux/src/gcc-4.7.1/libgcc/libgcc2.c:159
  #3 0x2050d030 in ms_subtract_diff (start=start@entry=0xbfa20a9c, ms=0x48027c40, ms@entry=0xbfa20a98) at misc.c:871
  #4 0x204d2568 in ssh_exchange_identification (timeout_ms=timeout_ms@entry=5000) at sshconnect.c:580
  #5 0x204d3e3c in ssh_login (sensitive=sensitive@entry=0x20586ea8, orighost=, hostaddr=hostaddr@entry=0x20586e28, port=, pw=pw@entry=0x20589ae8, timeout_ms=5000) at sshconnect.c:1346
  #6 0x204c433c in main (ac=, av=) at ssh.c:1326

  The direct cause of the coredump is that the function __mulvsi3 in
  gcc checked that the plus operation overflowed, and then this gcc
  function called abort().

  The overflow is caused by the time-setting operation during the ssh
  connect. In the function ms_subtract_diff, the timeoutp gets a very
  big value because of the time change.

  So could we add a limit for the difference of the 2 values obtained from
  gettimeofday? If it is too big, which would lead to overflow, we set a
  default value and report a warning log.
  Thanks for your attention; we expect your reply.

  B.R.
  Le Wang
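
The limit requested in the description, sketched as an added example; this is not OpenSSH code and not the upstream fix referenced at the top of this message. The name ms_subtract_clamped, the choice to take both timestamps as arguments, and the clamping policy (backward step charges nothing, oversized forward step expires the timeout) are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <sys/time.h>

/*
 * Hypothetical helper, not OpenSSH's ms_subtract_diff(): subtract the time
 * elapsed between *start and *now from the remaining timeout *ms.
 * Returns 1 when a clock step forced clamping (caller can log a warning).
 * A 32-bit "seconds * 1000" overflows once the gap exceeds INT_MAX / 1000
 * seconds; a trapping multiply such as __mulvsi3 turns that into abort().
 */
int ms_subtract_clamped(const struct timeval *start,
                        const struct timeval *now, int *ms)
{
    long long dsec, elapsed;

    /* Negative timestamps are rejected so the subtraction cannot wrap. */
    if (start->tv_sec < 0 || now->tv_sec < 0)
        return 1;
    dsec = (long long)now->tv_sec - (long long)start->tv_sec;

    /* Clock stepped backwards: charge nothing against the timeout. */
    if (dsec < 0 || (dsec == 0 && now->tv_usec < start->tv_usec))
        return 1;

    /* Clock stepped far forwards: treat the timeout as expired. */
    if (dsec > INT_MAX / 1000) {
        *ms = 0;
        return 1;
    }

    /* dsec <= INT_MAX / 1000, so this fits easily in 64 bits. */
    elapsed = dsec * 1000 + (now->tv_usec - start->tv_usec) / 1000;
    *ms = (elapsed >= *ms) ? 0 : *ms - (int)elapsed;
    return 0;
}

int main(void)
{
    /* Constructed sample: clock set ~35 days ahead during a 5000 ms wait. */
    struct timeval start, now;
    int ms = 5000, clamped;
    start.tv_sec = 1000;         start.tv_usec = 0;
    now.tv_sec = 1000 + 3000000; now.tv_usec = 0;
    clamped = ms_subtract_clamped(&start, &now, &ms);
    printf("clamped=%d remaining_ms=%d\n", clamped, ms);
    return 0;
}
```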
