
Bug#220726: obscure error messages if newlines in ~/.ssh/authorized_keys



Package: ssh
Version: 1:3.6.1p2-9
Severity: normal

When one goofs with his authorized_keys file (adding linefeeds into
the public key, for example), the ssh server reacts with "Nov 14
10:04:42 kes sshd[11927]: fatal: buffer_get: trying to get more bytes
129 than in buffer 39" in the syslog.  This error message is likely to
cause a heart attack with whoever reads logcheck output because it
suggests a buffer overflow attack happening.

Please consider adding code to detect this particular error and
to emit a less scary error message like "OSI layer 8 problem:
Formatting error in ~$USER/.ssh/authorized_keys".

Greetings
Marc

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux kes 2.4.22-kes #1 Tue Oct 7 07:49:10 UTC 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages ssh depends on:
ii  adduser                     3.51         Add and remove users and groups
ii  debconf                     1.3.20       Debian configuration management sy
ii  libc6                       2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-14      Pluggable Authentication Modules f
ii  libpam0g                    0.76-14      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7c-5     SSL shared libraries
ii  libwrap0                    7.6-ipv6.1-3 Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.1.4-16   compression library - runtime

-- debconf information excluded
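The failure reported above, as an added example (not part of the original report and not OpenSSH code): an SSH2 public key blob is a sequence of length-prefixed fields, so a key cut short by a stray newline declares more bytes than remain. The linter below flags such lines in plain language; the function names, the key-type set and the sample key are assumptions constructed here, and quoted options containing spaces are not handled.

```python
import base64, binascii, struct

KEY_TYPES = {"ssh-rsa", "ssh-dss"}  # SSH2 key types of that era (assumption)

def check_blob(b64):
    """Walk the length-prefixed fields of a key blob; return a reason or None."""
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return "key data is not valid base64"
    off = fields = 0
    while off < len(blob):
        if len(blob) - off < 4:
            return "truncated length prefix"
        (want,) = struct.unpack(">I", blob[off:off + 4])
        off += 4
        if want > len(blob) - off:
            return f"field wants {want} bytes, only {len(blob) - off} left"
        off += want
        fields += 1
    return None if fields >= 2 else "key blob has too few fields"

def lint_authorized_keys(text):
    """Return [(line_number, reason)] for each line that would not parse."""
    problems = []
    for num, line in enumerate(text.splitlines(), 1):
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None:
            reason = "no key type; continuation of a broken line?"
        elif idx + 1 >= len(tokens):
            reason = "key type without key data"
        else:
            reason = check_blob(tokens[idx + 1])
        if reason:
            problems.append((num, reason))
    return problems

def _field(data):
    return struct.pack(">I", len(data)) + data

# Constructed sample, not a real key: type, exponent, 129-byte modulus field.
SAMPLE_B64 = base64.b64encode(_field(b"ssh-rsa") + _field(b"\x01\x00\x01")
                              + _field(b"\x00" + b"\xc3" * 128)).decode()
GOOD = f"ssh-rsa {SAMPLE_B64} user@host\n"
BROKEN = f"ssh-rsa {SAMPLE_B64[:80]}\n{SAMPLE_B64[80:]} user@host\n"
if __name__ == "__main__":
    print(lint_authorized_keys(BROKEN))
```

Run against the constructed `BROKEN` sample, it reports line 1 as a field wanting 129 bytes with fewer left, and line 2 as a continuation line with no key type.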




