Bug 668 - ssh truncates long banner message
Summary: ssh truncates long banner message
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 3.7p1
Hardware: SPARC Solaris
: P2 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
: 753 765 (view as bug list)
Depends on:
Blocks:
 
Reported: 2003-09-18 06:59 AEST by Darryl Baker
Modified: 2004-04-14 12:24 AEST (History)
2 users (show)

See Also:

Attachments
The offending banner file (1.16 KB, text/plain)
2003-09-18 07:01 AEST, Darryl Baker 		no flags Details
Don't use logit() for banner (878 bytes, patch)
2003-09-18 11:00 AEST, Darren Tucker 		no flags Details | Diff
check options.loglevel and use fprintf (610 bytes, patch)
2003-09-18 17:37 AEST, Darren Tucker 		no flags Details | Diff
Trace of ssh -vvv (6.35 KB, text/plain)
2003-10-10 12:36 AEST, Darryl Baker 		no flags Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Darryl Baker 2003-09-18 06:59:05 AEST 
I have a long, 1184 bytes, banner file. It is the one that Titan installs. and 
with the 3.6 version of ssh it prints fine. With the 3.7 version only part of 
it prints.
Comment 1 Darryl Baker 2003-09-18 07:01:49 AEST 
Created attachment 418 [details]
The offending banner file
Comment 2 Darren Tucker 2003-09-18 11:00:10 AEST 
Created attachment 419 [details]
Don't use logit() for banner

How about something like the attached patch?  (WARNING: almost entirely
untested)
Comment 3 Darryl Baker 2003-09-18 12:57:27 AEST 
Works for me, almost. I didn't need a blank line at the bottom of the banner 
file before. The login message appears on the same line as the last line in the
file. If there is a blank line on the bottom everything appears the same. Now 
that I know where to look the new code is the same as the old 3.6p2 code. The 
newline must have come from elsewhere.
Comment 4 Darren Tucker 2003-09-18 13:59:11 AEST 
Just change sshconnect2.c line 369 from
fprintf(stderr, "%s", fmtbuf);
to
fprintf(stderr, "%s\n", fmtbuf);
Comment 5 Damien Miller 2003-09-18 17:26:14 AEST 
Hang on, that undoes the fix for bug #225
Comment 6 Darren Tucker 2003-09-18 17:37:15 AEST 
Created attachment 421 [details]
check options.loglevel and use fprintf

Damn, you're right.  I thought that looked strangely familiar.
Comment 7 Darryl Baker 2003-09-19 06:51:13 AEST 
It is now a perfect fix, thank you.
Comment 8 Darren Tucker 2003-10-07 16:44:42 AEST 
This has now been fixed in OpenBSD, it will appear in Portable's snapshots shortly.
Comment 9 Darryl Baker 2003-10-10 00:44:00 AEST 
I found one problem with the fix. If there is a banner file defined at the 
target system and it does not exist or is zero length the ssh command will fail 
with ax "malloc: zero size" error.
Comment 10 Darryl Baker 2003-10-10 01:15:46 AEST 
Another problem with 3.7.1p2 and banners, the banner ends with an extra cr and 
not a crnl
Comment 11 Markus Friedl 2003-10-10 04:29:57 AEST 
who is printing: "malloc: zero size"?

this would be a different bug.
Comment 12 Darren Tucker 2003-10-10 11:50:25 AEST 
I added some regression tests with the the fix, including a test of a zero-
length banner file and I haven't seen the malloc error you reported.  Please 
open a new bug and attach the output of "ssh -vvv" showing the problem.

The extra CR thing is also fixed by patch id #421.
Comment 13 Darryl Baker 2003-10-10 12:36:29 AEST 
Created attachment 479 [details]
Trace of ssh -vvv
Comment 14 Darryl Baker 2003-10-10 13:21:23 AEST 
Error at this end. Somehow the patch was reverted to an older version. Sorry to 
have bothered you.
Comment 15 Darren Tucker 2003-11-04 20:00:58 AEDT 
*** Bug 753 has been marked as a duplicate of this bug. ***
Comment 16 Darren Tucker 2003-12-01 01:12:42 AEDT 
*** Bug 765 has been marked as a duplicate of this bug. ***
Comment 17 Damien Miller 2004-04-14 12:24:19 AEST 
Mass change of RESOLVED bugs to CLOSED