Bug 519

Summary: parsing bug in host.allow element of login.conf(5)
Product: Portable OpenSSH
Reporter: Luke Mewburn <lukem>
Component: sshd
Assignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED INVALID    
Severity: normal    
Priority: P2    
Version: -current   
Hardware: All   
OS: NetBSD   
URL: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ssh/auth.c#rev1.18

Description Luke Mewburn 2003-03-25 11:36:35 AEDT
There's a bug in the parser code for the "host.allow" element of login.conf(5).
If you have more than one hostname in a comma-separated argument to
"host.allow=", and there's not a positive or negative match on the first
element, sshd will infinitely loop because there's a missing strtok() to advance
to the next field.
The URL quoted above contains the cvs commit message I made to NetBSD-current to
fix the problem there.
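
The loop shape reported above, as an added illustration that is not NetBSD's or OpenSSH's code: a constructed comma-separated list parser in which a miss on one element never calls strtok() again, beside the corrected form. The matcher `match_one`, the `!` negation syntax, the `MAX_SPINS` guard and the hostnames are assumptions made for the demo.

```c
#include <fnmatch.h>
#include <stdio.h>
#include <string.h>

#define MAX_SPINS 1000 /* demo guard: lets the buggy variant return instead of hanging */

/* Hypothetical matcher: 1 = positive match, -1 = negative ("!pattern") match, 0 = no match. */
static int match_one(const char *pat, const char *host)
{
    int neg = (pat[0] == '!');

    if (neg)
        pat++;
    if (fnmatch(pat, host, 0) != 0)
        return 0;
    return neg ? -1 : 1;
}

/* Returns 1 = allowed, 0 = not allowed, -2 = guard tripped (the real loop would spin forever).
 * advance_on_miss == 0 reproduces the missing strtok(); 1 is the corrected loop. */
int check_list(const char *list, const char *host, int advance_on_miss)
{
    char buf[256], *tok;
    int spins = 0, r;

    if (strlen(list) >= sizeof(buf))
        return 0;               /* fail closed on oversized input */
    strcpy(buf, list);          /* strtok() writes into its argument */

    tok = strtok(buf, ",");
    while (tok != NULL) {
        if (++spins > MAX_SPINS)
            return -2;
        r = match_one(tok, host);
        if (r != 0)
            return r > 0;       /* decided on this element */
        if (advance_on_miss)
            tok = strtok(NULL, ","); /* the advance the report says was missing */
    }
    return 0;                   /* list exhausted without a match */
}

int main(void)
{
    const char *list = "a.example.org,b.example.org"; /* constructed sample value */

    printf("buggy: %d\n", check_list(list, "b.example.org", 0));
    printf("fixed: %d\n", check_list(list, "b.example.org", 1));
    return 0;
}
```

Because sshd evaluates the list while handling a login, a loop of this shape stalls the process serving that connection, so a regression test for such a parser should run under a timeout and include lists whose first element does not match.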
Comment 1 Damien Miller 2003-06-04 23:05:04 AEST
This is a NetBSD-specific bug - neither OpenBSD nor portable OpenSSH have
host.deny in login.conf.
Comment 2 Damien Miller 2004-04-14 12:24:18 AEST
Mass change of RESOLVED bugs to CLOSED