diff --git a/ChangeLog b/ChangeLog
index 3434ba0eb..61786ac96 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,10 @@
 - djm@cvs.openbsd.org 2014/03/12 04:44:58
 [ssh-keyscan.c]
 scan for Ed25519 keys by default too
+ - djm@cvs.openbsd.org 2014/03/12 04:50:32
+ [auth-bsdauth.c ssh-keygen.c]
+ don't count on things that accept arguments by reference to clear
+ things for us on error; most things do, but it's unsafe form.

 20140401
 - (djm) On platforms that support it, use prctl() to prevent sftp-server
diff --git a/auth-bsdauth.c b/auth-bsdauth.c
index 0b3262b49..f4209c22a 100644
--- a/auth-bsdauth.c
+++ b/auth-bsdauth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-bsdauth.c,v 1.11 2007/09/21 08:15:29 djm Exp $ */
+/* $OpenBSD: auth-bsdauth.c,v 1.12 2014/03/12 04:50:32 djm Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
@@ -54,6 +54,11 @@ bsdauth_query(void *ctx, char **name, char **infotxt,
 Authctxt *authctxt = ctx;
 char *challenge = NULL;

+ *infotxt = NULL;
+ *numprompts = 0;
+ *prompts = NULL;
+ *echo_on = NULL;
+
 if (authctxt->as != NULL) {
 debug2("bsdauth_query: try reuse session");
 challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 2a316bcea..64d1a5f3c 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.241 2014/02/05 20:13:25 naddy Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.242 2014/03/12 04:50:32 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland
@@ -408,7 +408,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 Buffer b;
 Key *key = NULL;
 char *type, *cipher;
- u_char *sig, data[] = "abcde12345";
+ u_char *sig = NULL, data[] = "abcde12345";
 int magic, rlen, ktype, i1, i2, i3, i4;
 u_int slen;
 u_long e;
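Review bot: In auth-bsdauth.c, the block added at the top of bsdauth_query() clears `*infotxt`, `*numprompts`, `*prompts` and `*echo_on` but leaves `*name`, the other out-parameter visible in the signature, untouched. If any return path exits before `*name` is assigned (the rest of the body is outside the hunk, so this is inferred), the caller is left holding an indeterminate pointer that a later `free()` or log call could act on. Adding `*name = NULL;` alongside the other four would make the error-path contract the same for every by-reference argument.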
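Review bot: In ssh-keygen.c, do_convert_private_ssh2_from_blob() now starts `sig` at NULL, but `u_int slen;` two lines further down is still declared without a value. If `slen` is the length filled in by the same by-reference call that produces `sig` (that call is outside the hunk), a failure there leaves a NULL pointer paired with an indeterminate length; `u_int slen = 0;` closes that gap. The initialiser only helps if the call's return value is checked before `sig` and `slen` are passed on, which is worth confirming in the part of the function not shown here.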