tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- djm@cvs.openbsd.org 2009/11/20 03:24:07 

[misc.c]
     correct off-by-one in percent_expand(): we would fatal() when trying
     to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
     work.  Note that nothing in OpenSSH actually uses close to this limit at
     present.  bz#1607 from Jan.Pechanec AT Sun.COM
This commit is contained in:
Darren Tucker 2010-01-08 18:49:16 +11:00
parent ab79169e29
commit 70d87693f4
2 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -81,6 +81,12 @@
- dtucker@cvs.openbsd.org 2009/11/20 00:59:36 - dtucker@cvs.openbsd.org 2009/11/20 00:59:36
[sshconnect2.c] [sshconnect2.c]
Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@ Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@
- djm@cvs.openbsd.org 2009/11/20 03:24:07
[misc.c]
correct off-by-one in percent_expand(): we would fatal() when trying
to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
work. Note that nothing in OpenSSH actually uses close to this limit at
present. bz#1607 from Jan.Pechanec AT Sun.COM
20091226 20091226
- (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1 - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1

18
misc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.72 2009/10/28 16:38:18 reyk Exp $ */ /* $OpenBSD: misc.c,v 1.73 2009/11/20 03:24:07 djm Exp $ */
/* /*
* Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@ -597,11 +597,11 @@ char *
percent_expand(const char *string, ...) percent_expand(const char *string, ...)
{ {
#define EXPAND_MAX_KEYS 16 #define EXPAND_MAX_KEYS 16
u_int num_keys, i, j;
struct { struct {
const char *key; const char *key;
const char *repl; const char *repl;
} keys[EXPAND_MAX_KEYS]; } keys[EXPAND_MAX_KEYS];
u_int num_keys, i, j;
char buf[4096]; char buf[4096];
va_list ap; va_list ap;
@ -613,13 +613,12 @@ percent_expand(const char *string, ...)
break; break;
keys[num_keys].repl = va_arg(ap, char *); keys[num_keys].repl = va_arg(ap, char *);
if (keys[num_keys].repl == NULL) if (keys[num_keys].repl == NULL)
fatal("percent_expand: NULL replacement"); fatal("%s: NULL replacement", __func__);
} }
if (num_keys == EXPAND_MAX_KEYS && va_arg(ap, char *) != NULL)
fatal("%s: too many keys", __func__);
va_end(ap); va_end(ap);
if (num_keys >= EXPAND_MAX_KEYS)
fatal("percent_expand: too many keys");
/* Expand string */ /* Expand string */
*buf = '\0'; *buf = '\0';
for (i = 0; *string != '\0'; string++) { for (i = 0; *string != '\0'; string++) {
@ -627,23 +626,24 @@ percent_expand(const char *string, ...)
append: append:
buf[i++] = *string; buf[i++] = *string;
if (i >= sizeof(buf)) if (i >= sizeof(buf))
fatal("percent_expand: string too long"); fatal("%s: string too long", __func__);
buf[i] = '\0'; buf[i] = '\0';
continue; continue;
} }
string++; string++;
/* %% case */
if (*string == '%') if (*string == '%')
goto append; goto append;
for (j = 0; j < num_keys; j++) { for (j = 0; j < num_keys; j++) {
if (strchr(keys[j].key, *string) != NULL) { if (strchr(keys[j].key, *string) != NULL) {
i = strlcat(buf, keys[j].repl, sizeof(buf)); i = strlcat(buf, keys[j].repl, sizeof(buf));
if (i >= sizeof(buf)) if (i >= sizeof(buf))
fatal("percent_expand: string too long"); fatal("%s: string too long", __func__);
break; break;
} }
} }
if (j >= num_keys) if (j >= num_keys)
fatal("percent_expand: unknown key %%%c", *string); fatal("%s: unknown key %%%c", __func__, *string);
} }
return (xstrdup(buf)); return (xstrdup(buf));
#undef EXPAND_MAX_KEYS #undef EXPAND_MAX_KEYS