Bug 3385

Summary: prints CR from comment which leads to unreliable output
Product: Portable OpenSSH Reporter: Gleb Fotengauer-Malinovskiy <glebfm>
Component: ssh-keygenAssignee: Assigned to nobody <unassigned-bugs>
Status: NEW ---    
Severity: normal CC: jjelen
Priority: P5    
Version: 8.8p1   
Hardware: Other   
OS: All   

Description Gleb Fotengauer-Malinovskiy 2022-02-01 04:34:54 AEDT 
$ rm -f test*; ./ssh-keygen -q -t rsa -C test@test -N '' -f test
$ ./ssh-keygen -l -f test.pub 
3072 SHA256:Fh8V9v/JyBFlGI0ZqvWMb6480Ldm9dF0XJGTZFnoosI test@test (RSA)
$ unix2dos -q test.pub
$ ./ssh-keygen -l -f test.pub 
 (RSA)HA256:Fh8V9v/JyBFlGI0ZqvWMb6480Ldm9dF0XJGTZFnoosI test@test

Looks like this happens because ssh-keygen treats CR byte as a part of the comment.

$ read -r key < test.pub
$ printf '%s\r9999 SHA256:deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdea good@key\n' "$key" > bad.pub
$ ./ssh-keygen -l -f bad.pub 
9999 SHA256:deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdea good@key (RSA)
$ ./ssh-keygen -l -f bad.pub | less
3072 SHA256:rDIBjjZQEjZTzR3GIp/KERSlnMtsxeFrAbeye6TRoI0 test@test^M9999 SHA256:deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdea good@key (RSA)


git bisect shows that the c56a255162c2166884539c0a1f7511575325b477 commit introduced this regression.
Comment 1 Jakub Jelen 2022-02-01 19:21:04 AEDT 
This was already reported as bug #3283 last year with a patch, unfortunately, without any response neither here nor on github:

https://github.com/openssh/openssh-portable/pull/236/files