https://bugzilla.mindrot.org/show_bug.cgi?id=3295
--- Comment #6 from Damien Miller <[email protected]> ---

I don't have any idea what is going wrong here - this does not occur with OpenSSH as we release it, so it is likely related to changes made by OpenSSH for Windows.

In any case, strlen() should never be called on the session ID and nor should printf("%s"). It is binary data and may contain \0 characters. For this reason the dumps in your sshd log aren't usable for debugging this - they are truncated. If you are at some point treating it as an ASCIIZ/UTF8 string, then that's likely to be your problem.

I would recommend adding some sshbuf_dump(kex->session_id, stderr) to kex.c:kex_derive_keys(), packet.c:kex_to_blob(), packet.c:kex_from_blob() and monitor.c:monitor_apply_keystate()

Also sshbuf_dump_data(session_id2, session_id2_len, stderr) to monitor.c:mm_answer_sign() and monitor.c:monitor_apply_keystate()

These will dump all the session ID copies at various stages of their lifecycle and might clarify what is getting corrupted.
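Added example, not part of the original comment and not OpenSSH code: a stand-alone C sketch of why string functions truncate a binary session ID and can report two different IDs as equal, next to length-aware dumping and comparison. The byte values, the 32-byte length and all function names are constructed for illustration; it does not use OpenSSH's sshbuf API.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample IDs (not real values): identical up to a 0x00 byte at
 * offset 5, different afterwards. Unlisted bytes are zero. */
static const unsigned char sid_a[32] = {
    0x9f, 0x3c, 0x41, 0x7e, 0x12, 0x00, 0xaa, 0xbb, [31] = 0x01 };
static const unsigned char sid_b[32] = {
    0x9f, 0x3c, 0x41, 0x7e, 0x12, 0x00, 0xcc, 0xdd, [31] = 0x02 };

/* Length as string-oriented code sees it: stops at the first NUL byte. */
size_t len_as_cstring(const unsigned char *id)
{
    return strlen((const char *)id);
}

/* String comparison: anything after the first NUL is ignored. */
int equal_as_cstring(const unsigned char *a, const unsigned char *b)
{
    return strcmp((const char *)a, (const char *)b) == 0;
}

/* Length-aware comparison over the whole buffer. */
int equal_as_binary(const unsigned char *a, size_t alen,
                    const unsigned char *b, size_t blen)
{
    return alen == blen && memcmp(a, b, alen) == 0;
}

/* Hex-encode exactly len bytes; returns characters written, 0 if out is too small. */
size_t hex_encode(const unsigned char *p, size_t len, char *out, size_t outlen)
{
    static const char digits[] = "0123456789abcdef";
    if (outlen < 2 * len + 1)
        return 0;
    for (size_t i = 0; i < len; i++) {
        out[2 * i] = digits[p[i] >> 4];
        out[2 * i + 1] = digits[p[i] & 0x0f];
    }
    out[2 * len] = '\0';
    return 2 * len;
}

int main(void)
{
    char hex[2 * sizeof(sid_a) + 1];
    printf("strlen sees %zu of %zu bytes\n", len_as_cstring(sid_a), sizeof(sid_a));
    printf("strcmp equal: %d, memcmp equal: %d\n", equal_as_cstring(sid_a, sid_b),
           equal_as_binary(sid_a, sizeof(sid_a), sid_b, sizeof(sid_b)));
    hex_encode(sid_a, sizeof(sid_a), hex, sizeof(hex));
    fprintf(stderr, "sid_a = %s\n", hex);
    return 0;
}
```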
