Posted to dev@guacamole.apache.org by sanhex <gi...@git.apache.org> on 2017/09/28 18:24:59 UTC

[GitHub] incubator-guacamole-server pull request #115: GUACAMOLE-400: Fix guacd crash...

GitHub user sanhex opened a pull request:

    https://github.com/apache/incubator-guacamole-server/pull/115

    GUACAMOLE-400: Fix guacd crash when ssh key fails

    Root Cause:
    In the ssh library of guacd, function ssh_client_thread(), when guac_ssh_get_user() fails to load the private key for ssh authentication, it will return NULL. In this case, the subsequent call to guac_common_ssh_create_session() with parameter 'user=0x0' will cause guacd to crash in function guac_common_ssh_authenticate() by accessing 'user->username'.
    
    Solution:
    In guac_common_ssh_create_session(), validate parameter 'user'. If it is NULL, abort the ssh session.
    Reviewed the logic for other parameters of the function; they look okay and do not need to be validated at this point.
    
    Test:
    - configured a ssh app with an encrypted private key and a wrong passphrase.
    - ran the ssh app from web portal and observed guacd crash.
    - applied the fix and reran the ssh app. Observed no crash.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/sanhex/incubator-guacamole-server patch-1

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-guacamole-server/pull/115.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #115
    
----
commit 6c9c87a04ab9e4e8de454a816cccdd0ebd35af3e
Author: sanhex <sa...@gmail.com>
Date:   2017-09-28T18:06:24Z

    GUACAMOLE-400: Fix guacd crash when ssh key fails
    
    Root Cause:
    In the ssh library of guacd, function ssh_client_thread(), when guac_ssh_get_user() fails to load the private key for ssh authentication, it will return NULL. In this case, the subsequent call to guac_common_ssh_create_session() with parameter 'user=0x0' will cause guacd to crash in function guac_common_ssh_authenticate() by accessing 'user->username'.
    
    Solution:
    In guac_common_ssh_create_session(), validate parameter 'user'. If it is NULL, abort the ssh session.
    Reviewed the logic for other parameters of the function; they look okay and do not need to be validated at this point.
    
    Test:
    - configured a ssh app with an encrypted private key and a wrong passphrase.
    - ran the ssh app from web portal and observed guacd crash.
    - applied the fix and reran the ssh app. Observed no crash.

----


---
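The failure path and guard described in the pull request above, as an added example that is not the project's code and not part of the original post. The `demo_*` types and functions are hypothetical stand-ins for guacd's SSH user and session handling, and `key_loads` simulates whether the private key can be loaded.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins; these are NOT guacd's real type definitions. */
typedef struct { const char *username; } demo_user;
typedef struct { char username[64]; } demo_session;

/* Models the reported failure: when the private key cannot be loaded
 * (e.g. wrong passphrase), no user object is produced and NULL is returned. */
static demo_user *demo_get_user(const char *username, int key_loads) {
    if (!key_loads)
        return NULL;
    demo_user *u = malloc(sizeof *u);
    if (u)
        u->username = username;
    return u;
}

/* Hardened session setup: validate 'user' before anything dereferences it.
 * Without this guard, reading user->username below is a NULL dereference
 * that takes down the whole daemon, not just one connection. */
static demo_session *demo_create_session(const demo_user *user) {
    if (user == NULL || user->username == NULL) {
        fprintf(stderr, "ssh: no usable credentials, aborting session\n");
        return NULL;
    }
    demo_session *s = calloc(1, sizeof *s);
    if (s)
        snprintf(s->username, sizeof s->username, "%s", user->username);
    return s;
}

/* Per-connection thread body: 0 on success, -1 when the session is aborted.
 * The caller treats a NULL session as a failed connection and cleans up. */
static int demo_client_thread(const char *username, int key_loads) {
    demo_user *user = demo_get_user(username, key_loads);
    demo_session *session = demo_create_session(user);
    int rc = session ? 0 : -1;
    free(session);
    free(user); /* free(NULL) is a no-op on the failure path */
    return rc;
}

int main(void) {
    printf("key loads:        rc=%d\n", demo_client_thread("alice", 1));
    printf("wrong passphrase: rc=%d\n", demo_client_thread("alice", 0));
    return 0;
}
```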

[GitHub] incubator-guacamole-server pull request #115: GUACAMOLE-400: Fix guacd crash...

Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:

    https://github.com/apache/incubator-guacamole-server/pull/115


---