Hello Atsuhiko-san, thanks for your insight, now I understand. I did not try to get free consultation, but just tried to understand whether there was missing standards compliance in JSch or Ipssh. I'm responsible for the JSch-based Sftp client, and not for the Windriver Server. Anyways, I'm now requesting IpSSH to always send message and language id for version 3 protocol negotionation.
I still guess it's a corner-case though, because the packet length was declared to be small and Jsch should never read uninitialized memory; I guess that's what you meant by fixing the DOS vulnerability in Jsch. Also note, that OpenSSH clients can successfully operate with the IpSSH Sftp server without bailing out, so they seem to be less vulnerable to not receiving the SSH_FXP_STATUS packet without message even for server claiming version 3, than Jsch. (Or could it be that the OpenSSH claims itself to be version 2? I dont know...) Thanks, Martin Atsuhiko Yamanaka schrieb: > Hi, > > +-From: Martin Oberhuber <[EMAIL PROTECTED]> -- > |_Date: Wed, 07 Nov 2007 09:51:55 +0100 ____________________ > | > |thanks for your resonse, but I'm slightly confused: For me it looks like > |Sftp > |version 2 already specified a String message slot for the SSH_FXP_STATUS > |packet: > | http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 > > If you creafully read the section 4[1], > you will find that it has described about the sftp protocol version '3'. > And also, the section 10.1[2] will be helpful for your understanding. > > |If they are indeed REQUIRED to send a String, can you point me to > |the corresponding text in the protocol specs? > > That implementation is your business, isn't it? > I'm really confusing. > Why we have to provide the free consultation to WindRiver? > > The section 7[3] has defined error code and its meanings have > been written there. It will be the good staring point. > > > [1] http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-4 > [2] http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-10.1 > [3] http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 > > > Sincerely, > -- > Atsuhiko Yamanaka > JCraft,Inc. > 1-14-20 HONCHO AOBA-KU, > SENDAI, MIYAGI 980-0014 Japan. > Tel +81-22-723-2150 > +1-415-578-3454 > Fax +81-22-224-8773 > Skype callto://jcraft/ > -- Martin Oberhuber Wind River Systems, Inc. Target Management Project Lead, DSDP PMC Member http://www.eclipse.org/dsdp/tm ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ JSch-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jsch-users
