CVE-2026-0965 config: Do not attempt to read non-regular and too large configuration files

Changes also the reading of known_hosts to use the new helper function Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-11 18:50:28 +09:00 · 2025-12-11 17:33:19 +01:00
parent 1b2a4f760b
commit a5eb30dbfd
10 changed files with 118 additions and 13 deletions
--- a/tests/unittests/torture_config.c
+++ b/tests/unittests/torture_config.c
@@ -2933,6 +2933,23 @@ static void torture_config_jump(void **state)
    printf("%s: EOF\n", __func__);
 }

+/* Invalid configuration files
+ */
+static void torture_config_invalid(void **state)
+{
+    ssh_session session = *state;
+
+    ssh_options_set(session, SSH_OPTIONS_HOST, "Bar");
+
+    /* non-regular file -- ignored (or missing on non-unix) so OK */
+    _parse_config(session, "/dev/random", NULL, SSH_OK);
+
+#ifndef _WIN32
+    /* huge file -- ignored (or missing on non-unix) so OK */
+    _parse_config(session, "/proc/kcore", NULL, SSH_OK);
+#endif
+}
+
 int torture_run_tests(void)
 {
    int rc;
@@ -3087,6 +3104,9 @@ int torture_run_tests(void)
        cmocka_unit_test_setup_teardown(torture_config_jump,
                                        setup,
                                        teardown),
+        cmocka_unit_test_setup_teardown(torture_config_invalid,
+                                        setup,
+                                        teardown),
    };

    ssh_init();