diff --git a/ChangeLog b/ChangeLog index 4e7471bb2..85641c48c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -42,6 +42,9 @@ - markus@cvs.openbsd.org 2001/11/07 22:53:21 [channels.h] crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com + - markus@cvs.openbsd.org 2001/11/08 10:51:08 + [readpass.c] + don't strdup too much data; from gotoh@taiyo.co.jp; ok millert. 20011109 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) @@ -6851,4 +6854,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1647 2001/11/12 00:04:54 djm Exp $ +$Id: ChangeLog,v 1.1648 2001/11/12 00:05:20 djm Exp $ diff --git a/readpass.c b/readpass.c index 577a407f3..a0429818e 100644 --- a/readpass.c +++ b/readpass.c @@ -32,7 +32,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readpass.c,v 1.22 2001/07/14 15:10:16 stevesk Exp $"); +RCSID("$OpenBSD: readpass.c,v 1.23 2001/11/08 10:51:08 markus Exp $"); #include "xmalloc.h" #include "readpass.h" @@ -45,7 +45,7 @@ ssh_askpass(char *askpass, const char *msg) { pid_t pid; size_t len; - char *nl, *pass; + char *pass; int p[2], status; char buf[1024]; @@ -71,16 +71,15 @@ ssh_askpass(char *askpass, const char *msg) fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); } close(p[1]); - len = read(p[0], buf, sizeof buf); + len = read(p[0], buf, sizeof buf -1); close(p[0]); while (waitpid(pid, &status, 0) < 0) if (errno != EINTR) break; if (len <= 1) return xstrdup(""); - nl = strchr(buf, '\n'); - if (nl) - *nl = '\0'; + buf[len] = '\0'; + buf[strcspn(buf, "\r\n")] = '\0'; pass = xstrdup(buf); memset(buf, 0, sizeof(buf)); return pass;