** Description changed: + [Impact] + + Setting ConnectTimeout to a value higher than INT_MAX/1000 causes the + ssh client to crash. This happens due to an integer overflow which was + fixed upstream with the patch being proposed for this SRU, which caps + the effective value for that option at INT_MAX/1000. + + While use cases triggering the bug may be uncommon, the patch is + straightforward and the fix could be staged for the next time an upload + is needed. + + + [Test Plan] + + Running + + ssh -o "ConnectTimeout=$(perl -e 'use POSIX; my $max = + int(POSIX::INT_MAX/1000)+1; print "$max\n";')" localhost + + triggers the error. In this case, the ssh client will crash and + + Aborted + + will be printed to stderr. + + By applying the proposed fix, running the same command should allow the + ssh connection to proceed to the authentication steps. + + [Where problems could occur] + + Most problems would manifest due to rebuilding the package (e.g., + dependency changes). Since this proposal is to stage these SRUs, such + risk is being deferred to be shared with the next, more critical, + upload. + + [Other Info] + + All the SRUs proposed here should be staged due to the low priority nature of the bug. + + [Original bug report] + The ssh client fails with the message "Aborted (core dumped)" when setting the ConnectTimeout to 2147484 or higher. lsb_release: Linux Mint 20 (but also tested this on latest ubuntu:20.04 docker container) openssh-client version: 1:8.2p1-4ubuntu0.1 I expected that either the connect timeout would be used correctly, or that it would fail with a proper error message saying the connect timeout can't be higher than 2147483. What happened: $ ssh -o "ConnectTimeout=2147484" localhost Aborted (core dumped)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1903516 Title: aborted (core dumped) when using ConnectTimeout > 2147483 To manage notifications about this bug go to: https://bugs.launchpad.net/openssh/+bug/1903516/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
