Bug 1739

Summary: getcwd does not support size zero argument on Solaris
Product: Portable OpenSSH
Reporter: Rich Mirch <rich>
Component: sshd
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED
Severity: normal
CC: djm, yann
Priority: P2
Version: 5.4p1
Hardware: SPARC
OS: Solaris
Bug Depends on:
Bug Blocks: 1743
Attachments:
  A little patch to fix the getcwd function usage (flags: none)
  Don't try to derelativise the AuthorizedKeysFile value (flags: none)

Description Rich Mirch 2010-03-24 15:35:04 AEDT
Overview: 

   The function derelativise_path() in servconf.c calls getcwd(NULL,0), and using zero for the size argument is unsupported on Solaris.


Steps to Reproduce: 

    1) uncomment #AuthorizedKeysFile     %h/.ssh/authorized_keys
       from /etc/ssh/sshd_config

    2) restart sshd


Actual Results: 

   sshd failed to start with the following message
   derelativise_path: getcwd: Invalid argument


Expected Results: 

   sshd starts with no error messages


Build Date & Platform:

   Build 2010-03-23 on Solaris 9 sun4u
   OpenSSH_5.4p1, OpenSSL 0.9.8m
Comment 1 Yann Rouillard 2010-03-26 04:54:57 AEDT
Created attachment 1821
A little patch to fix the getcwd function usage

Here is a little patch to solve this bug.

It just passes PATH_MAX as the size argument instead of 0.

The allocated space will often be a lot bigger than needed but:

  - the cwd string variable is very short-lived so that is not so important,

  - when passed a 0 size argument, getcwd under Linux seems to allocate PATH_MAX bytes and realloc to the exact string size once it has retrieved the current directory. So it seems we just avoid a realloc call by using PATH_MAX instead of 0.
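
As an added example (not part of the attached patch or of OpenSSH's code): a hypothetical helper, getcwd_alloc(), that obtains the current directory without relying on the getcwd(NULL, 0) extension, starting at PATH_MAX as the comment above describes and growing the buffer if getcwd reports ERANGE. The helper name and the PATH_MAX fallback value are assumptions.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifndef PATH_MAX
#define PATH_MAX 4096	/* assumption: fallback if <limits.h> lacks it */
#endif

/*
 * Hypothetical helper (not OpenSSH code): return the current directory in
 * a malloc'd buffer. start_size is the first size to try (0 = PATH_MAX).
 */
char *getcwd_alloc(size_t start_size)
{
	size_t size = start_size ? start_size : PATH_MAX;
	char *buf = NULL, *tmp;

	for (;;) {
		if ((tmp = realloc(buf, size)) == NULL) {
			free(buf);
			return NULL;
		}
		buf = tmp;
		if (getcwd(buf, size) != NULL)
			break;
		if (errno != ERANGE || size > SIZE_MAX / 2) {
			int saved = errno;	/* real failure, e.g. EACCES */
			free(buf);
			errno = saved;
			return NULL;
		}
		size *= 2;	/* ERANGE: buffer too small, grow and retry */
	}
	/* Trim to the exact length; keep the larger buffer if that fails. */
	if ((tmp = realloc(buf, strlen(buf) + 1)) != NULL)
		buf = tmp;
	return buf;
}

int main(void)
{
	char *cwd = getcwd_alloc(PATH_MAX);
	if (cwd == NULL) { perror("getcwd"); return 1; }
	printf("%s\n", cwd);
	free(cwd);
	return 0;
}
```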
Comment 2 Yann Rouillard 2010-03-26 05:03:14 AEDT
I posted a patch to solve the bug reported but I uncovered another issue while testing it.

It seems the Authorized_keys filename argument is now derelativised when the configuration file is read.
As a result, an argument like '.ssh/authorized_keys' is now transformed into '/.ssh/authorized_keys' by the derelativise_path function and is no longer interpreted as being relative to the user home, contrary to what the man page says:
"After expansion, AuthorizedKeysFile is taken to be an absolute path or one relative to the user's home directory"
Comment 3 Yann Rouillard 2010-03-26 08:53:29 AEDT
Created attachment 1822
Don't try to derelativise the AuthorizedKeysFile value

A little patch to fix the second issue.
Comment 4 Damien Miller 2010-03-26 10:40:23 AEDT
Thanks - this is fixed in openssh-5.5p1, due shortly.
Comment 5 Damien Miller 2010-04-16 15:51:14 AEST
Mass move of bugs RESOLVED->CLOSED following the release of openssh-5.5p1