diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2023-02-28 21:31:50 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2023-03-01 09:01:14 +1100 |
commit | 8ead62ed5e86c7df597d8604f332f49cd1527b85 (patch) | |
tree | bf27952551fd2114064b212b1e929ba1c0d303ae | |
parent | 44ca56ba0b3f531f1d85730cc701097cd49e6868 (diff) |
upstream: fatal out if allocating banner string fails to avoid
potential null deref later in sscanf. Spotted by Coverity, ok deraadt@
OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
-rw-r--r-- | kex.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.174 2023/02/17 04:22:50 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.175 2023/02/28 21:31:50 dtucker Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -1345,7 +1345,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms, } peer_version_string = sshbuf_dup_string(peer_version); if (peer_version_string == NULL) - error_f("sshbuf_dup_string failed"); + fatal_f("sshbuf_dup_string failed"); /* XXX must be same size for sscanf */ if ((remote_version = calloc(1, sshbuf_len(peer_version))) == NULL) { error_f("calloc failed"); |