the test torture_config_new, introduced in 53d84abb1 fails in torture_config.c on line 201 when running assert_int_equal(session->opts.timeout, 30).
The bug seems to appear due to the variable i being declared as an int on line 359 of config.c. The timeout value of 30 that is read previously is stored into the variable i.
Later on when the timeout is being set for the session, in ssh_options_set in options.c, the variable i is passed as const void *value.
On line 636 of options.c, the const void *value is cast to long * and assigned to long *x. Since on some architectures a long has eight bytes and an int only four, an additional four bytes of garbage are used when the pointer is dereferenced, so the test *x > 0 on line 637 fails which makes the torture_new_test fail too.
Line 650 has the same const void* to long * cast, so the same problem could happen for the option SSH_OPTIONS_TIMEOUT_USEC too.
session->opts.timeout is declared on line 196 of session.h as a unsigned long.
The timeout value read from the config file is assigned to i on line 510 of config.c, with i = ssh_config_get_int(&s -1).
Since different types are used at different places for the timeout and i is used at multiple places when parsing the config, im not sure what the best fix would be so I'm only reporting the bug for now.