Bug 1842

Summary: bug in client_input_channel_req causes segmentation violation
Product: Portable OpenSSH Reporter: jchadima
Component: sshAssignee: Damien Miller <djm>
Status: CLOSED FIXED    
Severity: major CC: jchadima
Priority: P2    
Version: 5.6p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 1803    
Attachments:
Description Flags
Patch solving the problem dtucker: ok+

Description jchadima 2010-11-23 05:45:47 AEDT 
in client_input_channel_req if the channel_lookup(id) is unsuccesful the error is reported, the variable c is still NULL and later is dereferenced
in c->remote_id.
Comment 1 Damien Miller 2010-11-24 10:09:47 AEDT 
Created attachment 1962 [details]
Patch solving the problem

Yes, that is a bug.
Comment 2 Damien Miller 2010-11-24 10:57:42 AEDT 
Patch applied - this will be in OpenSSH 5.7
Comment 3 Damien Miller 2011-01-24 12:33:45 AEDT 
Move resolved bugs to CLOSED after 5.7 release