[Bug 44175] New: stack corruption and crash with OpenSSH port

Fri Dec 15 03:59:33 CST 2017

https://bugs.winehq.org/show_bug.cgi?id=44175

            Bug ID: 44175
           Summary: stack corruption and crash with OpenSSH port
           Product: Wine
           Version: 2.20
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: ossman at cendio.se
      Distribution: ---

We have a port of OpenSSH to Windows that work well on a real Windows system,
but crashes under Wine. I've tried to pinpoint the issue but I get very weird
stack behaviours under winedbg. I've attached a binary with debug symbols.

A simple "ssh.exe server.example.com" crashes. Stepping shows that the crash is
on this code:

sshconnect.c:641
> 	if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n",
> 	    &remote_major, &remote_minor, remote_version) != 3)

However the stack is already corrupt when this code is reached.

Stepping earlier in the program causes it to crap out when doing this call:

ssh.c:1095
> 	direct = option_clear_or_none(options.proxy_command) &&

options.proxy_command is NULL before the function is called, but once
option_clear_or_none() the stack is bonkers with local variables and the call
trace messed up. However it still executes a lot of code correctly after this,
so it might just be a winedbg bug.

Not sure how to proceed at this point.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.