diff options
| author | Damien Miller <djm@mindrot.org> | 2001-11-12 11:05:20 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2001-11-12 11:05:20 +1100 |
| commit | 637b8ae2d491ee0f46997b4d93fade643874a67a (patch) | |
| tree | 55ab3b95f84d48396a59795f5e32d94c5a080917 | |
| parent | 36f8dd3ed66b71fe661ed0c7a5f292bbdc8f87e3 (diff) | |
- markus@cvs.openbsd.org 2001/11/08 10:51:08
[readpass.c]
don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | readpass.c | 11 |
2 files changed, 9 insertions, 7 deletions
@@ -42,6 +42,9 @@ - markus@cvs.openbsd.org 2001/11/07 22:53:21 [channels.h] crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com + - markus@cvs.openbsd.org 2001/11/08 10:51:08 + [readpass.c] + don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. 20011109 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) @@ -6851,4 +6854,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1647 2001/11/12 00:04:54 djm Exp $ +$Id: ChangeLog,v 1.1648 2001/11/12 00:05:20 djm Exp $ @@ -32,7 +32,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readpass.c,v 1.22 2001/07/14 15:10:16 stevesk Exp $"); +RCSID("$OpenBSD: readpass.c,v 1.23 2001/11/08 10:51:08 markus Exp $"); #include "xmalloc.h" #include "readpass.h" @@ -45,7 +45,7 @@ ssh_askpass(char *askpass, const char *msg) { pid_t pid; size_t len; - char *nl, *pass; + char *pass; int p[2], status; char buf[1024]; @@ -71,16 +71,15 @@ ssh_askpass(char *askpass, const char *msg) fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); } close(p[1]); - len = read(p[0], buf, sizeof buf); + len = read(p[0], buf, sizeof buf -1); close(p[0]); while (waitpid(pid, &status, 0) < 0) if (errno != EINTR) break; if (len <= 1) return xstrdup(""); - nl = strchr(buf, '\n'); - if (nl) - *nl = '\0'; + buf[len] = '\0'; + buf[strcspn(buf, "\r\n")] = '\0'; pass = xstrdup(buf); memset(buf, 0, sizeof(buf)); return pass; |