https://bugzilla.mindrot.org/show_bug.cgi?id=3896
Zack Weinberg <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3921| |ok?([email protected]) Flags| | --- Comment #2 from Zack Weinberg <[email protected]> --- Created attachment 3921 --> https://bugzilla.mindrot.org/attachment.cgi?id=3921&action=edit slightly more invasive fix I'd like to suggest a slightly more invasive fix which also moves the strnvis() call into the if-else branches that are actually going to use the result. I tested this change on one of my machines and it does work for the case I know about: $ ssh rö[email protected] r\303\[email protected]: Permission denied (publickey). $ ssh [email protected] grep -hF '266ot' /var/log/* Nov 17 22:17:07 server sshd[4456]: Invalid user r\303\266ot from [address redacted] port 38924 Nov 17 22:17:08 server sshd[4456]: Connection closed by invalid user r\303\266ot [address redacted] port 38924 [preauth] Before the change, the second line would have been double-escaped. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
