diff options
| author | Damien Miller <djm@mindrot.org> | 2008-11-03 19:22:09 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2008-11-03 19:22:09 +1100 |
| commit | c4d1b36cc2fb89566fe01b990abf8b635e0dce74 (patch) | |
| tree | f0c9f2c8c52ec453241aa2f34ceb937566f2b620 | |
| parent | 49b78d4fbc138a252fc083c67d6b3750477d92a1 (diff) | |
aadt@cvs.openbsd.org 2008/10/03 23:56:28
[sshconnect2.c]
Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
function.
spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
and (as is fairly typical) did not report the problem to us. But this fix
is correct.
ok djm
| -rw-r--r-- | ChangeLog | 10 | ||||
| -rw-r--r-- | sshconnect2.c | 6 |
2 files changed, 12 insertions, 4 deletions
@@ -39,6 +39,14 @@ do not give an example of how to chmod files: we can presume the user knows that. removes an ambiguity in the permission of authorized_keys; ok deraadt + - deraadt@cvs.openbsd.org 2008/10/03 23:56:28 + [sshconnect2.c] + Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the + function. + spotted by des@freebsd, who commited an incorrect fix to the freebsd tree + and (as is fairly typical) did not report the problem to us. But this fix + is correct. + ok djm 20080906 - (dtucker) [config.guess config.sub] Update to latest versions from @@ -4773,4 +4781,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5108 2008/11/03 08:21:21 djm Exp $ +$Id: ChangeLog,v 1.5109 2008/11/03 08:22:09 djm Exp $ diff --git a/sshconnect2.c b/sshconnect2.c index 1a8f3907..fe9285f1 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.167 2008/07/31 14:48:28 markus Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.168 2008/10/03 23:56:28 deraadt Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -386,8 +386,8 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) { if (len > 65536) len = 65536; - msg = xmalloc(len * 4); /* max expansion from strnvis() */ - strnvis(msg, raw, len * 4, VIS_SAFE|VIS_OCTAL); + msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ + strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL); fprintf(stderr, "%s", msg); xfree(msg); } |