upstream: scrub keyboard-interactive authentication prompts coming

from the server through asmprintf() prior to display; suggested by and ok dtucker@ OpenBSD-Commit-ID: 31fe93367645c37fbfe4691596bf6cf1e3972a58
2025-07-30 09:14:59 +02:00 · 2020-11-13 07:30:44 +00:00 · 2020-11-13 07:30:44 +00:00 · 04088725ec
commit 04088725ec
parent 5442b491d0
1 changed files with 5 additions and 3 deletions
--- a/sshconnect2.c
+++ b/sshconnect2.c
@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.335 2020/11/13 04:53:12 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.336 2020/11/13 07:30:44 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Damien Miller.  All rights reserved.
@ -33,6 +33,7 @@

 #include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
 #include <netdb.h>
 #include <pwd.h>
 #include <signal.h>
@ -1924,9 +1925,10 @@ input_userauth_info_req(int type, u_int32_t seq, struct ssh *ssh)
 		if ((r = sshpkt_get_cstring(ssh, &prompt, NULL)) != 0 ||
 		    (r = sshpkt_get_u8(ssh, &echo)) != 0)
 			goto out;
-		xasprintf(&display_prompt, "(%s@%s) %s",
+		if (asmprintf(&display_prompt, INT_MAX, NULL, "(%s@%s) %s",
 		    authctxt->server_user, options.host_key_alias ?
-		    options.host_key_alias : authctxt->host, prompt);
+		    options.host_key_alias : authctxt->host, prompt) == -1)
+			fatal_f("asmprintf failed");
 		response = read_passphrase(display_prompt, echo ? RP_ECHO : 0);
 		if ((r = sshpkt_put_cstring(ssh, response)) != 0)
 			goto out;