Subject: RE: [libssh2] #169: segmentation fault in pubkey authentication

RE: [libssh2] #169: segmentation fault in pubkey authentication

From: C Johnson <>
Date: Mon, 29 Mar 2010 14:07:59 -0600


On Mon, 29 Mar 2010, Daniel Stenberg wrote:

> I don't quite understand that resistance either. As I said
> before: this function is not documented clearly to *not*
> accept a NULL for a blank passphrase even though it isn't
> documented to accept it either. Given that small uncertainty
> in API funcionality I think it is quite easy to check against
> this specific case.

It would seem best to always clarify any points of uncertainty when ever

> It is not the same as to say that we always should check all
> arguments for junk or whatever.

I would not rule this out. Obviously it can be taken to absurd extremes,
but a reasonable step to sanitize inputs can be very important. As a
library, you can not be sure of the source of the inputs being sent to your
library - did the application sanitize them enough or does doing nothing
leave open a potential exploit? There has to be a balance somewhere between
so sanitizing so insanly it drags everything to a griding halt and just
leaving the barn door open and hoping no one notices or cares.

- C Johnson

Received on 2010-03-29