When logging to standard error (via -e) or to log file (via -E <logfile>), long log messages do not end with a newline. Problem occurs in log.c, line 456 in OpenSSH 7.4p1. The snprintf() call attempts to copy fmtbuf and "\r\n" into msgbuf. However, fmtbuf and msgbuf are the same size (MSGBUFSIZ, nominally 1024 bytes). When fmtbuf is completely filled (due to long log message), then the snprintf() simply copies fmtbuf and ignores the "\r\n". This was observed when testing certificate-based logins at LogLevel DEBUG3. For example, 3 logs messages appear on one line like this (with ... replacing long OpenSSH certificate public key): debug2: user_key_allowed: check options: 'ssh-rsa-cert-v01@openssh.com AAAA...debug2: user_key_allowed: advance: 'AAAA...debug2: key not found Notice multiple debug2 messages all on the same line. Each log line should with with a newline character. Suggested Fix Since the intent is to append "\r\n" to fmtbuf before writing to stderr, maybe it would be better to make that intent clearer using strlcat() rather than snprintf(). msgbuf[0] = '\0'; (void)strlcat(msgbuf, fmtbuf, sizeof msgbuf - 2); (void)strlcat(msgbuf, "\r\n", sizeof msgbuf );
Created attachment 2957 [details] include room for \r\n in sprintf This is a slightly different fix, that sets an explicit length in the snprintf call for the log line.
Patch applied. This will be in openssh-7.5, due soon.
Ah, yes. Much more elegant fix than my proposal. Thanks!
Close all resolved bugs after release of OpenSSH 7.7.