GUACAMOLE-400: Fix guacd crash when ssh key fails
Root Cause: In the ssh library of guacd, function ssh_client_thread(), when guac_ssh_get_user() fails to load private key for ssh authentication, it will return NULL. In this case, the subsequent call to guac_common_ssh_create_session() with parameter 'user=0x0' will cause guacd crash in function guac_common_ssh_authenticate() by accessing 'user->username'. Solution: - Update the comment of function guac_ssh_get_user() to document that NULL will be returned if fails to import key for the user. - In function ssh_client_thread(), verify the return of guac_ssh_get_user(). If ssh_client->user is NULL, return NULL. Test: - Configured a ssh app with an encrypted private key and a wrong passphrase. - Ran the ssh app from web portal and observed guacd crash. - Applied the fix and reran the ssh app. Observed no crash.
This commit is contained in:
parent
f559701645
commit
3c7a09f52b
@ -63,7 +63,8 @@
|
||||
* terminal to use when prompting the user.
|
||||
*
|
||||
* @return
|
||||
* A new user object containing the user's username and other credentials.
|
||||
* A new user object containing the user's username and other credentials,
|
||||
* or NULL if fails to import key.
|
||||
*/
|
||||
static guac_common_ssh_user* guac_ssh_get_user(guac_client* client) {
|
||||
|
||||
@ -215,6 +216,10 @@ void* ssh_client_thread(void* data) {
|
||||
|
||||
/* Get user and credentials */
|
||||
ssh_client->user = guac_ssh_get_user(client);
|
||||
if (ssh_client->user == NULL) {
|
||||
/* Already aborted within guac_ssh_get_user() */
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Open SSH session */
|
||||
ssh_client->session = guac_common_ssh_create_session(client,
|
||||
|
Loading…
Reference in New Issue
Block a user