Skip to content

Commit

Permalink
Gracefully handle rare exceptions (i.e.: crashes) while performing GE…
Browse files Browse the repository at this point in the history
…X tests.
  • Loading branch information
jtesta committed Feb 17, 2024
1 parent a958fd1 commit 699739d
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,7 @@ For convenience, a web front-end on top of the command-line tool is available at
- Fixed parsing of ecdsa-sha2-nistp* CA signatures on host keys. Additionally, they are now flagged as potentially back-doored, just as standard host keys are.
- The built-in man page (`-m`, `--manual`) is now available on Docker, PyPI, and Snap builds, in addition to the Windows build.
- Snap builds are now architecture-independent.
- Gracefully handle rare exceptions (i.e.: crashes) while performing GEX tests.

### v3.1.0 (2023-12-20)
- Added test for the Terrapin message prefix truncation vulnerability ([CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795)).
Expand Down
3 changes: 2 additions & 1 deletion src/ssh_audit/gextest.py
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
"""
import struct
import traceback

# pylint: disable=unused-import
Expand Down Expand Up @@ -65,7 +66,7 @@ def reconnect(out: 'OutputBuffer', s: 'SSH_Socket', kex: 'SSH2_Kex', gex_alg: st
# Parse the server's KEX.
_, payload = s.read_packet(2)
SSH2_Kex.parse(out, payload)
except KexDHException:
except (KexDHException, struct.error):
out.v("Failed to parse server's kex. Stack trace:\n%s" % str(traceback.format_exc()), write_now=True)
return False

Expand Down

0 comments on commit 699739d

Please sign in to comment.