Skip to content

Commit

Permalink
known_hosts parsing does not ignore malformed base64 strings since 0.…
Browse files Browse the repository at this point in the history 
…36.0 (hierynomus#922)

(cherry picked from commit 03f8b22)
  • Loading branch information
@kegelh @vladimirlagunov
kegelh authored and vladimirlagunov committed Apr 4, 2024
1 parent dc6b207 commit 2ad8972
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 4 deletions.
4 changes: 2 additions & 2 deletions src/main/java/net/schmizz/sshj/transport/verification/OpenSSHKnownHosts.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,8 +292,8 @@ public KnownHostEntry parseEntry(String line)
try {
byte[] keyBytes = Base64.getDecoder().decode(sKey);
key = new Buffer.PlainBuffer(keyBytes).readPublicKey();
} catch (IOException ioe) {
log.warn("Error decoding Base64 key bytes", ioe);
} catch (IOException | IllegalArgumentException exception) {
log.warn("Error decoding Base64 key bytes", exception);
return new BadHostEntry(line);
}
} else if (isBits(sType)) {
Expand Down
12 changes: 10 additions & 2 deletions src/test/java/com/hierynomus/sshj/transport/verification/OpenSSHKnownHostsTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,9 @@

import java.io.File;
import java.io.IOException;
import java.lang.module.ModuleDescriptor.Opens;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.PublicKey;
import java.security.Security;
import java.util.Base64;
import java.util.stream.Stream;

Expand Down Expand Up @@ -110,6 +108,16 @@ public void shouldNotFailOnBadBase64Entry() throws Exception {
assertTrue(ohk.verify("host1", 22, k));
}

@Test
public void shouldNotFailOnMalformedBase64String() throws IOException {
File knownHosts = knownHosts(
"1.1.1.1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA/CkqWXSlbdo7jPshvIWT/m3FAdpSIKUx/uTmz87ObpBxXsfF8aMSiwGMKHjqviTV4cG6F7vFf28ll+9CbGsbs=192\n"
);
OpenSSHKnownHosts ohk = new OpenSSHKnownHosts(knownHosts);
assertEquals(1, ohk.entries().size());
assertThat(ohk.entries().get(0)).isInstanceOf(OpenSSHKnownHosts.BadHostEntry.class);
}

@Test
public void shouldMarkBadLineAndNotFail() throws Exception {
File knownHosts = knownHosts(
Expand Down

0 comments on commit 2ad8972

Please sign in to comment.