https://bugzilla.mindrot.org/show_bug.cgi?id=2619
Bug ID: 2619
Summary: infinite loop, 100% cpu use in ssh if ^Z is pressed at
password prompt
Product: Portable OpenSSH
Version: 7.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: [email protected]
Reporter: [email protected]
Steps to reproduce:
1. either change or create a test login with /bin/sh as
login shell (should work regarding shell)
2. "ssh user@localhost" and login
3. "sftp user@localhost" and press ^Z in the password
prompt
A few times it will work. It depends a bit on what code
is being executed in the readpassphrase function, at
openbsd-compat/readpassphrase.c in the openssh code.
It has been verified that exec'ing again /bin/sh with
--posix before running sftp, or exporting the environment
variable POSIXLY_CORRECT before the "ssh user@localhost"
step prevents the problem.
So, while the problem appears to be kind of expected, it
is being reported in case it was not meant to happen.
Originally reported in Red Hat bugzilla [1]. This is rare race
condition, where we stuck in the code openbsd-compat/readpassphrase.c:
while (tcsetattr(input, _T_FLUSH, &oterm) == -1 &&
errno == EINTR)
continue;
but it should not happen. The possible solution would be to check the
signal received in the handler, but I am not sure about most
appropriate fallback when the above fails.
More verbose analysis is in the above mentioned bug.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1218424
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
