aborted (core dumped) when using ConnectTimeout > 2147483
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
portable OpenSSH |
Unknown
|
Unknown
|
|||
openssh (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
Bionic |
Fix Released
|
Low
|
Athos Ribeiro | ||
Focal |
Fix Released
|
Low
|
Athos Ribeiro | ||
Impish |
Won't Fix
|
Low
|
Unassigned | ||
Jammy |
Fix Released
|
Low
|
Unassigned |
Bug Description
[Impact]
Setting ConnectTimeout to a value higher than INT_MAX/1000 causes the ssh client to crash. This happens due to an integer overflow which was fixed upstream with the patch being proposed for this SRU, which caps the effective value for that option at INT_MAX/1000.
While use cases triggering the bug may be uncommon, the patch is straightforward and the fix could be staged for the next time an upload is needed.
[Test Plan]
Running
ssh -o "ConnectTimeout
triggers the error. In this case, the ssh client will crash and
Aborted
will be printed to stderr.
By applying the proposed fix, running the same command should allow the ssh connection to proceed to the authentication steps.
[Where problems could occur]
Most problems would manifest due to rebuilding the package (e.g., dependency changes). Since this proposal is to stage these SRUs, such risk is being deferred to be shared with the next, more critical, upload.
[Other Info]
All the SRUs proposed here should be staged due to the low priority nature of the bug.
[Original bug report]
The ssh client fails with the message "Aborted (core dumped)" when setting the ConnectTimeout to 2147484 or higher.
lsb_release: Linux Mint 20 (but also tested this on latest ubuntu:20.04 docker container)
openssh-client version: 1:8.2p1-4ubuntu0.1
I expected that either the connect timeout would be used correctly, or that it would fail with a proper error message saying the connect timeout can't be higher than 2147483.
What happened:
$ ssh -o "ConnectTimeout
Aborted (core dumped)
Related branches
- Athos Ribeiro (community): Approve
- Canonical Server packageset reviewers: Pending requested
-
Diff: 119 lines (+91/-0)4 files modifieddebian/changelog (+11/-0)
debian/patches/fix-connect-timeout-overflow.patch (+32/-0)
debian/patches/lp1966591-upstream-preserve-group-world-read-permission-on-kno.patch (+46/-0)
debian/patches/series (+2/-0)
- Athos Ribeiro (community): Approve
- Canonical Server packageset reviewers: Pending requested
-
Diff: 119 lines (+91/-0)4 files modifieddebian/changelog (+11/-0)
debian/patches/fix-connect-timeout-overflow.patch (+32/-0)
debian/patches/lp1966591-upstream-preserve-group-world-read-permission-on-kno.patch (+46/-0)
debian/patches/series (+2/-0)
- Sergio Durigan Junior (community): Approve
- Canonical Server packageset reviewers: Pending requested
-
Diff: 62 lines (+40/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-connect-timeout-overflow.patch (+32/-0)
debian/patches/series (+1/-0)
- Sergio Durigan Junior (community): Approve
- Canonical Server packageset reviewers: Pending requested
-
Diff: 62 lines (+40/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-connect-timeout-overflow.patch (+32/-0)
debian/patches/series (+1/-0)
- Sergio Durigan Junior (community): Approve
- Canonical Server: Pending requested
-
Diff: 62 lines (+40/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/fix-connect-timeout-overflow.patch (+32/-0)
debian/patches/series (+1/-0)
Changed in openssh (Ubuntu Jammy): | |
status: | Triaged → Fix Released |
Changed in openssh (Ubuntu Bionic): | |
status: | New → Triaged |
Changed in openssh (Ubuntu Focal): | |
status: | New → Triaged |
Changed in openssh (Ubuntu Impish): | |
status: | New → Triaged |
Changed in openssh (Ubuntu Bionic): | |
importance: | Undecided → Low |
Changed in openssh (Ubuntu Focal): | |
importance: | Undecided → Low |
Changed in openssh (Ubuntu Impish): | |
importance: | Undecided → Low |
description: | updated |
Changed in openssh (Ubuntu Bionic): | |
status: | Triaged → In Progress |
Changed in openssh (Ubuntu Focal): | |
status: | Triaged → In Progress |
Changed in openssh (Ubuntu Impish): | |
status: | Triaged → In Progress |
tags: | added: block-proposed-impish |
Changed in openssh (Ubuntu Impish): | |
assignee: | Athos Ribeiro (athos-ribeiro) → nobody |
Thank you for taking the time to file a bug report.
Could you please provide the core dump file to help us investigate your problem?
Since there is not enough information in your report to begin triage or to
differentiate between a local configuration problem and a bug in Ubuntu, I
am marking this bug as "Incomplete". We would be grateful if you would:
provide a more complete description of the problem, explain why you
believe this is a bug in Ubuntu rather than a problem specific to your
system, and then change the bug status back to "New".
For local configuration issues, you can find assistance here: www.ubuntu. com/support/ community
http://