Fix crash on corrupt known_hosts file
Status: Alpha
Brought to you by:
ymnk
The exception is raised in the case where a server host key is bad. In
my case the system administrator had accidentally included the key
type twice:
server.company.com,10.0.0.1 ssh-rsa ssh-rsa <key></key>
And ssh-rsa was treated as a key. This fails because it is not valid
Base64. My proposed patch treats this line as an invalid line and
continues, like JSch does in other cases.
$ diff -u ./src/main/java/com/jcraft/jsch/KnownHosts.java ./src/main/java/com/jcraft/jsch/KnownHosts2.java
--- ./src/main/java/com/jcraft/jsch/KnownHosts.java 2017-03-28 09:55:32.131080050 +0100
+++ ./src/main/java/com/jcraft/jsch/KnownHosts2.java 2017-03-28 09:57:26.322732339 +0100
@@ -215,12 +215,14 @@
//System.err.println(host);
//System.err.println("|"+key+"|");
- HostKey hk = null;
- hk = new HashedHostKey(marker, host, type,
- Util.fromBase64(Util.str2byte(key), 0,
- key.length()), comment);
- pool.addElement(hk);
- }
+ try {
+ pool.addElement(new HashedHostKey(marker, host, type,
+ Util.fromBase64(Util.str2byte(key), 0,
+ key.length()), comment));
+ } catch (JSchException e) {
+ addInvalidLine(Util.byte2str(buf, 0, bufl));
+ }
+
if(error){
throw new JSchException("KnownHosts: invalid format");
}