Bug 1615 - the pathname length of home directory is limited to less than 256 chars
Summary: the pathname length of home directory is limited to less than 256 chars
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 5.2p1
Hardware: Other Linux
: P2 normal
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-06-30 22:10 AEST by jchadima
Modified: 2009-10-06 15:03 AEDT (History)
1 user (show)

See Also:

Attachments
patch solving the problem (571 bytes, patch)
2009-06-30 22:10 AEST, jchadima 		no flags Details | Diff
the patch version 2 (1.40 KB, patch)
2009-07-02 00:33 AEST, jchadima 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jchadima 2009-06-30 22:10:04 AEST 
Created attachment 1656 [details]
patch solving the problem

on some obscure instalation the $HOME is enormly long.
Comment 1 Darren Tucker 2009-07-01 11:53:04 AEST 
Are you sure that's all that's needed?  That buf gets used with:

snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_CONFFILE);

which will also truncate.
Comment 2 jchadima 2009-07-02 00:33:18 AEST 
Created attachment 1657 [details]
the patch version 2

You are right. The patch#2 solves the whole problem.
Comment 3 Darren Tucker 2009-07-02 15:07:30 AEST 
We ended up with something similar but with some extra checks for snprintf return values:

http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c.diff?r1=text&tr1=1.325&r2=text&tr2=1.326

Thanks, this will be in the next release.
Comment 4 Damien Miller 2009-10-06 15:03:22 AEDT 
Mass move of RESOLVED bugs to CLOSED now that 5.3 is out.