libssh2_knownhost_readfile() silently ignored problems when reading keys
in unsupported formats from the known hosts file. When the file is
written again from the internal structures of libssh2 it gets truncated
to the point where the first unknown key was located.
* src/knownhost.c:libssh2_knownhost_readfile() - return error if key
parsing fails
---
 include/libssh2.h | 1 +
 src/knownhost.c | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/include/libssh2.h b/include/libssh2.h
index 1580ba5..bc4f2d4 100644
--- a/include/libssh2.h
+++ b/include/libssh2.h
@@ -405,6 +405,7 @@ typedef struct _LIBSSH2_POLLFD {
 #define LIBSSH2_ERROR_SOCKET_RECV -43
 #define LIBSSH2_ERROR_ENCRYPT -44
 #define LIBSSH2_ERROR_BAD_SOCKET -45
+#define LIBSSH2_ERROR_KNOWN_HOSTS -46
 /* this is a define to provide the old (<= 1.2.7) name */
 #define LIBSSH2_ERROR_BANNER_NONE LIBSSH2_ERROR_BANNER_RECV
diff --git a/src/knownhost.c b/src/knownhost.c
index c58dfbb..1087bc2 100644
--- a/src/knownhost.c
+++ b/src/knownhost.c
@@ -910,8 +910,11 @@ libssh2_knownhost_readfile(LIBSSH2_KNOWNHOSTS *hosts,
 file = fopen(filename, "r");
 if(file) {
 while(fgets(buf, sizeof(buf), file)) {
- if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type))
+ if(libssh2_knownhost_readline(hosts, buf, strlen(buf), type)) {
+ num = _libssh2_error(hosts->session, LIBSSH2_ERROR_KNOWN_HOSTS,
+ "Failed to parse known hosts file");
 break;
+ }
 num++;
 }
 fclose(file);
--
1.7.8.6
_______________________________________________
libssh2-devel
http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-08-21
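Review bot: When the new error branch inside the `while(fgets(...))` loop in src/knownhost.c fires, `hosts` already holds every entry parsed before the failing line and nothing visible in the hunk rolls them back, so a caller that ignores the negative return and later writes the collection out would still truncate the file in the way the description reports. The function's documentation should state this, for example `/* On LIBSSH2_ERROR_KNOWN_HOSTS the collection is only partially loaded; do not write it back to the file. */`. The branch also drops the value returned by `libssh2_knownhost_readline()`, so if that function can fail for a reason other than parsing, the cause is reported as a parse failure; holding it in a local (`rc = libssh2_knownhost_readline(hosts, buf, strlen(buf), type);`) would let the original code be passed on. The body of libssh2_knownhost_readfile() starts and ends outside the hunk.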