golang/go

x/crypto/ssh: Server panic on invalid input

taruti opened this issue · 4 comments

The following input makes the x/crypto/ssh server crash:

[]byte("\n\x00\x00\x00\x16\x00\x140000000000000000\xff\xff\xff\xff")

Discovered by fuzzing (see the excellent github.com/dvyukov/go-fuzz), triggerable by

  1. run x/crypto/ssh server
  2. feed it those bytes (e.g. with nc or go)
  3. watch it panic

panic: runtime error: slice bounds out of range

goroutine 5 [running]:
golang.org/x/crypto/ssh.parseString(0xc20801e391, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc20800a300)
    /go/path/src/golang.org/x/crypto/ssh/messages.go:490 +0x150
golang.org/x/crypto/ssh.parseNameList(0xc20801e391, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15)
    /go/path/src/golang.org/x/crypto/ssh/messages.go:502 +0x95
golang.org/x/crypto/ssh.Unmarshal(0xc20801e391, 0x4, 0x4, 0x54e900, 0xc208001320, 0x0, 0x0)
    /go/path/src/golang.org/x/crypto/ssh/messages.go:360 +0xeff
golang.org/x/crypto/ssh.(*handshakeTransport).enterKeyExchange(0xc208056000, 0xc20801e380, 0x15, 0x15, 0x0, 0x0)
    /go/path/src/golang.org/x/crypto/ssh/handshake.go:295 +0x134
golang.org/x/crypto/ssh.(*handshakeTransport).readOnePacket(0xc208056000, 0x0, 0x0, 0x0, 0x0, 0x0)
    /go/path/src/golang.org/x/crypto/ssh/handshake.go:166 +0x1f3
golang.org/x/crypto/ssh.(*handshakeTransport).readLoop(0xc208056000)
    /go/path/src/golang.org/x/crypto/ssh/handshake.go:133 +0x28
created by golang.org/x/crypto/ssh.newServerTransport
    /go/path/src/golang.org/x/crypto/ssh/handshake.go:108 +0xea

goroutine 1 [chan receive]:
golang.org/x/crypto/ssh.(*connection).serverHandshake(0xc20804e200, 0xc208058210, 0xc20801f060, 0x0, 0x0)
    /go/path/src/golang.org/x/crypto/ssh/server.go:193 +0x64f
golang.org/x/crypto/ssh.NewServerConn(0x7f8486836d18, 0xc20801f060, 0xc208058000, 0x7f8486836d18, 0xc208030018, 0x0, 0x0, 0x0)
    /go/path/src/golang.org/x/crypto/ssh/server.go:146 +0x103
main.main()
    /go/path/src/github.com/taruti/sshfuzz/ex1/ssh.go:28 +0x32d

cc @agl
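The trace ends in parseString, which is handed the last four bytes of the input: a length prefix of 0xffffffff with no payload behind it. The example below is added here and is not code from the issue or from x/crypto/ssh itself. parseStringUnchecked is an assumed reconstruction of the unsafe pattern (trusting the declared length), not the actual pre-fix code; parseString and parseNameList show the bounds checks a hardened RFC 4251 string/name-list reader needs, and the panics helper applies the property the fuzzer was checking (no panic on any input) to both versions.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// crashInput is the byte sequence from the issue report above.
var crashInput = []byte("\n\x00\x00\x00\x16\x00\x140000000000000000\xff\xff\xff\xff")

// errShortRead is returned, instead of panicking, when a length prefix claims
// more bytes than the buffer actually holds.
var errShortRead = errors.New("ssh: length prefix exceeds remaining input")

// parseStringUnchecked is an assumed illustration of the unsafe pattern: it
// trusts the declared length. With a 0xffffffff prefix the uint32 sum 4+length
// wraps to 3, so in[4:3] panics with "slice bounds out of range".
func parseStringUnchecked(in []byte) (out, rest []byte) {
	length := binary.BigEndian.Uint32(in)
	return in[4 : 4+length], in[4+length:]
}

// parseString reads one RFC 4251 "string": big-endian uint32 length, then that
// many bytes. The header and the declared length are validated against len(in)
// before slicing, and the length is widened to uint64 so 4+length cannot wrap.
func parseString(in []byte) (out, rest []byte, err error) {
	if len(in) < 4 {
		return nil, nil, errShortRead
	}
	length := uint64(binary.BigEndian.Uint32(in))
	if length > uint64(len(in))-4 {
		return nil, nil, errShortRead
	}
	return in[4 : 4+length], in[4+length:], nil
}

// parseNameList reads an RFC 4251 "name-list": a string of comma-separated
// names. An empty string yields no names.
func parseNameList(in []byte) (names []string, rest []byte, err error) {
	contents, rest, err := parseString(in)
	if err != nil {
		return nil, nil, err
	}
	if len(contents) == 0 {
		return nil, rest, nil
	}
	return strings.Split(string(contents), ","), rest, nil
}

// panics reports whether fn panics on in: the property a fuzzer checks.
func panics(fn func([]byte), in []byte) (panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true
		}
	}()
	fn(in)
	return false
}

// Both parsers run over the tail of crashInput: the 0xffffffff prefix alone.
func uncheckedPanicsOnTail() bool {
	return panics(func(b []byte) { parseStringUnchecked(b) }, crashInput[len(crashInput)-4:])
}

func checkedPanicsOnTail() bool {
	return panics(func(b []byte) { parseString(b) }, crashInput[len(crashInput)-4:])
}

// checkedPanicsOnAnyPrefix feeds every truncation of a valid name-list (a
// common fuzzer mutation) to the hardened parser.
func checkedPanicsOnAnyPrefix(valid []byte) bool {
	for n := 0; n <= len(valid); n++ {
		if panics(func(b []byte) { parseNameList(b) }, valid[:n]) {
			return true
		}
	}
	return false
}

// encodeNameList builds a well-formed name-list for the demonstration.
func encodeNameList(names []string) []byte {
	payload := []byte(strings.Join(names, ","))
	out := make([]byte, 4, 4+len(payload))
	binary.BigEndian.PutUint32(out, uint32(len(payload)))
	return append(out, payload...)
}

func main() {
	fmt.Println("unchecked parser panics on crash tail:", uncheckedPanicsOnTail())
	fmt.Println("checked parser panics on crash tail:  ", checkedPanicsOnTail())
	valid := encodeNameList([]string{"curve25519-sha256", "ecdh-sha2-nistp256"})
	names, _, err := parseNameList(valid)
	fmt.Println(names, err)
	fmt.Println("checked parser panics on any prefix:  ", checkedPanicsOnAnyPrefix(valid))
}
```

Returning an error from the lowest-level reader, rather than recovering from the panic higher up, is the design choice that matters: the handshake code can then close the connection on malformed KEXINIT data without taking down the goroutine that serves it.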

ebfe commented

Should be fixed by golang/crypto@cc04154