upstream: fseek to end of known_hosts before writing to it.

POSIX and ANSI C require that applications call fseek or similar between read and writing to a RW file. OpenBSD doesn't enforce this, but some (System V derived) platforms need this to prevent it from writing a spurious extra byte (in this case, a newline). ok djm@ deraadt@ OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
2023-02-21 06:48:18 +00:00 · 2023-02-21 06:48:18 +00:00 · fe0bd3cde9
parent 357fb8ae14
commit fe0bd3cde9
1 changed files with 9 additions and 8 deletions
--- a/hostfile.c
+++ b/hostfile.c
@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.94 2023/02/09 09:54:11 dtucker Exp $ */
+/* $OpenBSD: hostfile.c,v 1.95 2023/02/21 06:48:18 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -515,7 +515,7 @@ add_host_to_hostfile(const char *filename, const char *host,
    const struct sshkey *key, int store_hash)
 {
 	FILE *f;
-	int success;
+	int success, addnl = 0;
 	if (key == NULL)
 		return 1;	/* XXX ? */
@ -525,12 +525,13 @@ add_host_to_hostfile(const char *filename, const char *host,
 		return 0;
 	/* Make sure we have a terminating newline. */
 	if (fseek(f, -1L, SEEK_END) == 0 && fgetc(f) != '\n')
-		if (fputc('\n', f) != '\n') {
+		addnl = 1;
-			error("Failed to add terminating newline to %s: %s",
+	if (fseek(f, 0L, SEEK_END) != 0 || (addnl && fputc('\n', f) != '\n')) {
-			   filename, strerror(errno));
+		error("Failed to add terminating newline to %s: %s",
-			fclose(f);
+		   filename, strerror(errno));
-			return 0;
+		fclose(f);
-		}
+		return 0;
 	}
 	success = write_host_entry(f, host, NULL, key, store_hash);
 	fclose(f);
 	return success;