Bug in libwrap may impact ssh use.


Now that we are all instituting various protections against ssh password
guessing attacks, there is a bug in tcpwrapper which may impact some.
If a line in /etc/hosts.allow gets longer than 2047 characters, ssh will go
into an infinite loop and consume 100% of CPU. The problem is in the
xgets function from misc.c in the tcp_wrapper code. There is no trap against a
too-long line (or particularly "got==0"), and the routine goes into an infinite

a) Make sure that your script/program, which puts hosts that have been
bashing at ssh into hosts.allow (with a :deny option) or into hosts.deny,
does not create arbitrary length lines.
b) Patch xgets/libwrap.

[xgets is described as fgets on steroids, and illustrates the dangers of
steroid use.]
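
A check for option (a), added here as an example and not part of the original post or of tcp_wrappers: it flags lines in hosts.allow-style text longer than the 2047 characters mentioned above, and builds deny rules that stay under a length budget. The function names, the 1024-character budget and the sample addresses are assumptions made for illustration; backslash-newline continuations are counted as one line, following hosts_access(5).

```python
"""Find over-long hosts.allow lines and generate deny rules of bounded length."""

MAX_LINE = 2047   # line length named in the post above
BUDGET = 1024     # per-rule budget for generated rules (assumed safety margin)


def logical_lines(text):
    """Yield (first_line_number, joined_text), joining backslash-newline."""
    buf, start = "", None
    for number, raw in enumerate(text.splitlines(), 1):
        if start is None:
            start = number
        if raw.endswith("\\"):        # continuation: still the same logical line
            buf += raw[:-1]
            continue
        yield start, buf + raw
        buf, start = "", None
    if start is not None:             # text ended on a continuation
        yield start, buf


def overlong(text, limit=MAX_LINE):
    """Return [(line_number, length)] for logical lines longer than limit."""
    return [(n, len(s)) for n, s in logical_lines(text) if len(s) > limit]


def deny_rules(daemon, hosts, budget=BUDGET):
    """Build '<daemon>: h1, h2 : deny' rules, starting a new rule at the budget."""
    head, tail = daemon + ": ", " : deny"
    rules, current = [], []
    for host in hosts:
        candidate = head + ", ".join(current + [host]) + tail
        if current and len(candidate) > budget:
            rules.append(head + ", ".join(current) + tail)
            current = []
        current.append(host)
    if current:
        rules.append(head + ", ".join(current) + tail)
    return rules


if __name__ == "__main__":
    # Constructed sample: 400 addresses from the documentation ranges.
    hosts = [f"{net}.{i}" for net in ("198.51.100", "203.0.113")
             for i in range(1, 201)]
    one_line = "sshd: " + ", ".join(hosts) + " : deny\n"
    print("single rule:", overlong(one_line))
    print("split rules:", overlong("\n".join(deny_rules("sshd", hosts))))
```

Running `overlong()` over the file after every automated update catches a script that has started appending to a single rule.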
