From 281ce042579b834cdc1e74314f1fb2eeb75d2612 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Thu, 24 Jan 2019 02:34:52 +0000
Subject: [PATCH] upstream: Always initialize 2nd arg to hpdelim2. It populates
 that

*ONLY IF* there's a delimiter.  If there's not (the common case) it checked
uninitialized memory, which usually passed, but if not would cause spurious
failures when the uninitialized memory happens to contain "/".  ok deraadt.

OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3
---
 servconf.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/servconf.c b/servconf.c
index 1562bd875..d9680aba1 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.347 2019/01/23 21:50:56 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.348 2019/01/24 02:34:52 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -896,6 +896,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
 	/* Otherwise treat it as a list of permitted host:port */
 	for (i = 0; i < num_opens; i++) {
 		oarg = arg = xstrdup(opens[i]);
+		ch = '\0';
 		host = hpdelim2(&arg, &ch);
 		if (host == NULL || ch == '/')
 			fatal("%s: missing host in %s", __func__, what);
@@ -1214,7 +1215,7 @@ process_server_config_line(ServerOptions *options, char *line,
     const char *filename, int linenum, int *activep,
     struct connection_info *connectinfo)
 {
-	char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
+	char ch, *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;
 	int cmdline = 0, *intptr, value, value2, n, port;
 	SyslogFacility *log_facility_ptr;
 	LogLevel *log_level_ptr;
@@ -1314,8 +1315,8 @@ process_server_config_line(ServerOptions *options, char *line,
 			port = 0;
 			p = arg;
 		} else {
-			char ch;
 			arg2 = NULL;
+			ch = '\0';
 			p = hpdelim2(&arg, &ch);
 			if (p == NULL || ch == '/')
 				fatal("%s line %d: bad address:port usage",
@@ -1944,9 +1945,8 @@ process_server_config_line(ServerOptions *options, char *line,
 				 */
 				xasprintf(&arg2, "*:%s", arg);
 			} else {
-				char ch;
-
 				arg2 = xstrdup(arg);
+				ch = '\0';
 				p = hpdelim2(&arg, &ch);
 				if (p == NULL || ch == '/') {
 					fatal("%s line %d: missing host in %s",