Crash in libssh when port 22 response is unexpected #1227
Comments
@edeirme @sergeykhegay: Any ideas on the above testcase and output given your previous involvement with libssh in Nmap?
This seems to have been fixed by @bonsaiviking / @dmiller-nmap in 350bbe0. Thanks!
Glad I could help! I ran into the same problem myself, but I had forgotten about this bug report. I thought maybe nobody else had experienced the crash. I'll put it into the changelog with reference to this issue.
Nmap 7.70 crashes when running either of the following two scripts against an open port 22 which is not recognised as SSH: ssh-publickey-acceptance and ssh-auth-methods.
I managed to narrow it down to these scripts and one particular host, and created a minimised test case that can be run locally:
This will cause a crash, sometimes with "Segmentation fault" or sometimes with "double free or corruption". Sample output with -ddd:
If I disable those two scripts, then Nmap doesn't crash, and the host output looks like:
Hope that helps in diagnosing the issue.
Please can you look into it?