Bugs item #2665432, was opened at 2009-03-05 16:14
Message generated for change (Comment added) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=703942&aid=2665432&group_id=125852
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: misc
Group: None
Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Olivier Hervieu (ohervieu)
Assigned to: Daniel Stenberg (bagder)
Summary: auth_cookie generation is broken (channel_x11_req)
Initial Comment:
Hi guys,
When using libssh2_channel_x11_req, on linux, the auth_cookie is generated by
the following code :
unsigned char buffer[LIBSSH2_X11_RANDOM_COOKIE_LEN / 2];
libssh2_random(buffer, LIBSSH2_X11_RANDOM_COOKIE_LEN / 2);
for(i = 0; i < (LIBSSH2_X11_RANDOM_COOKIE_LEN / 2); i++) {
snprintf((char *) s + (i * 2), 2, "%02X", buffer[i]);
}
where s is a buffer of LIBSSH2_X11_RANDOM_COOKIE_LEN length.
When executing this, I always have a strange generated cookie. On the server
side, sshd says :
/usr/bin/X11/xauth: (stdin):2: key contains odd number of or non-hex characters
In fact the auth_cookie sent has a length of .... 1.
Refering to the man page of snprintf, it says : The functions snprintf() and
vsnprintf() write at most size bytes (including the trailing null byte
(’\0’)) to str.
So, if you a define a buffer : buffer[]="AAAAAAAAAAAAAAAA"
snprintf((char *)s +(i*2),2,"%02X", buffer[i]);
will always write '4\0' in the buffer for each loop of the for statement.
So, a correct cookie is generated by using :
snprintf((char *)s +(i*2),2+1 ,"%02X", buffer[i]);
Regards,
Olivier
----------------------------------------------------------------------
>Comment By: Daniel Stenberg (bagder)
Date: 2009-03-07 23:31
Message:
Ugh, how did I make it 'duplicate' ? Ok, should be fine now
----------------------------------------------------------------------
Comment By: Daniel Stenberg (bagder)
Date: 2009-03-07 23:08
Message:
Thanks, fixed committed to CVS just now!
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=703942&aid=2665432&group_id=125852
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
libssh2-devel mailing list
libssh2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/libssh2-devel
