PuTTY bug ssh1-bad-passphrase-crash

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Entering wrong SSH-1 key passphrase causes PuTTY crash
class: bug: This is clearly an actual problem we want fixed.
difficulty: fun: Just needs tuits, and not many of them.
priority: high: This should be fixed in the next release.
absent-in: 0.57
present-in: 0.58
fixed-in: 2005-10-31 8719f92c1426609de7ead4a490a15d1d18875f53 (0.59)

When using public-key authentication in SSH-1, entering an incorrect passphrase in the PuTTY window will cause PuTTY to crash. Correct passphrases or Pageant authentication are fine, as is SSH-2.

I believe this is caused by do_ssh1_login() using its argument pktin in the auth loop condition. When prompting for a password in GUI PuTTY, that argument can become NULL due to coroutine mechanics. Prior to 0.58 we didn't use the argument. If so, this was probably introduced around r4898, and won't affect Plink/PSCP/PSFTP.

This looks similar to a problem blocking ssh2-password-expiry, so should probably be looked into at the same time.

If you want to comment on this web site, see the Feedback page.
Audit trail for this bug.
(last revision of this bug record was at 2017-04-28 16:52:45 +0100)