Commit Graph

201 Commits

Author SHA1 Message Date
deraadt@openbsd.org 657a5fbc0d upstream commit
rename xrealloc() to xreallocarray() since it follows
 that form. ok djm
2015-04-29 18:15:23 +10:00
deraadt@openbsd.org 2ae4f337b2 upstream commit
Replace <sys/param.h> with <limits.h> and other less
 dirty headers where possible.  Annotate <sys/param.h> lines with their
 current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
 LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
 MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
 These are the files confirmed through binary verification. ok guenther,
 millert, doug (helped with the verification protocol)
2015-01-16 18:24:48 +11:00
Damien Miller 1845fe6bda - djm@cvs.openbsd.org 2014/06/24 02:21:01
[scp.c]
     when copying local->remote fails during read, don't send uninitialised
     heap to the remote end. Reported by Jann Horn
2014-07-02 15:29:01 +10:00
Damien Miller e00167307e - deraadt@cvs.openbsd.org 2013/11/20 20:53:10
[scp.c]
     unsigned casts for ctype macros where neccessary
     ok guenther millert markus
2013-11-21 13:56:49 +11:00
Damien Miller bc35d92e78 - djm@cvs.openbsd.org 2013/06/22 06:31:57
[scp.c]
     improved time_t overflow check suggested by guenther@
2013-07-18 16:11:25 +10:00
Damien Miller 8158441d01 - djm@cvs.openbsd.org 2013/06/21 05:43:10
[scp.c]
     make this -Wsign-compare clean after time_t conversion
2013-07-18 16:11:07 +10:00
Damien Miller 044bd2a7dd - guenther@cvs.openbsd.org 2013/06/17 04:48:42
[scp.c]
     Handle time_t values as long long's when formatting them and when
     parsing them from remote servers.
     Improve error checking in parsing of 'T' lines.

     ok dtucker@ deraadt@
2013-07-18 16:09:25 +10:00
Darren Tucker 194454d7a8 - dtucker@cvs.openbsd.org 2013/06/04 19:12:23
[scp.c]
     use MAXPATHLEN for buffer size instead of fixed value.  ok markus
2013-06-06 08:16:04 +10:00
Darren Tucker 3750fce6ac - dtucker@cvs.openbsd.org 2013/06/01 20:59:25
[scp.c sftp-client.c]
     Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is.  Patch
     from Nathan Osman via bz#2113.  ok deraadt.

(note: corrected bug number from 2085)
2013-06-02 07:52:21 +10:00
Darren Tucker a627d42e51 - djm@cvs.openbsd.org 2013/05/17 00:13:13
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
     ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
     gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
     auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
     servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
     auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
     sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
     kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
     kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
     monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
     ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
     sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
     ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
     dns.c packet.c readpass.c authfd.c moduli.c]
     bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
Darren Tucker dbee308253 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c]
     Fix some "unused result" warnings found via clang and -portable.
     ok markus@
2013-05-16 20:32:29 +10:00
Damien Miller 63b4bcd04e - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]
[openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's
   so mark it as broken. Patch from des AT des.no
2013-03-20 12:55:14 +11:00
Damien Miller 0603d98b4e - djm@cvs.openbsd.org 2011/09/09 22:37:01
[scp.c]
     suppress adding '--' to remote commandlines when the first argument
     does not start with '-'. saves breakage on some difficult-to-upgrade
     embedded/router platforms; feedback & ok dtucker ok markus
2011-09-22 21:38:00 +10:00
Damien Miller 907998df72 - jmc@cvs.openbsd.org 2010/12/09 14:13:33
[scp.1 scp.c]
     scp.1: grammer fix
     scp.c: add -3 to usage()
2011-01-06 22:41:21 +11:00
Damien Miller f12114366b - markus@cvs.openbsd.org 2010/12/08 22:46:03
[scp.1 scp.c]
     add a new -3 option to scp: Copies between two remote hosts are
     transferred through the local host.  Without this option the data
     is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
2011-01-06 22:40:30 +11:00
Damien Miller 87dc0a4188 - djm@cvs.openbsd.org 2010/11/26 05:52:49
[scp.c]
     Pass through ssh command-line flags and options when doing remote-remote
     transfers, e.g. to enable agent forwarding which is particularly useful
     in this case; bz#1837 ok dtucker@
2010-12-01 12:03:19 +11:00
Damien Miller 65e42f87fe - djm@cvs.openbsd.org 2010/09/22 22:58:51
[atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
     [sftp-client.h sftp.1 sftp.c]
     add an option per-read/write callback to atomicio

     factor out bandwidth limiting code from scp(1) into a generic bandwidth
     limiter that can be attached using the atomicio callback mechanism

     add a bandwidth limit option to sftp(1) using the above
     "very nice" markus@
2010-09-24 22:15:11 +10:00
Damien Miller 0979b40934 - millert@cvs.openbsd.org 2010/07/01 13:06:59
[scp.c]
     Fix a longstanding problem where if you suspend scp at the
     password/passphrase prompt the terminal mode is not restored.
     OK djm@
2010-07-02 13:37:33 +10:00
Darren Tucker b8c884a0ba - guenther@cvs.openbsd.org 2009/12/20 07:28:36
[ssh.c sftp.c scp.c]
     When passing user-controlled options with arguments to other programs,
     pass the option and option argument as separate argv entries and
     not smashed into one (e.g., as -l foo and not -lfoo).  Also, always
     pass a "--" argument to stop option parsing, so that a positional
     argument that starts with a '-' isn't treated as an option.  This
     fixes some error cases as well as the handling of hostnames and
     filenames that start with a '-'.
     Based on a diff by halex@
     ok halex@ djm@ deraadt@
2010-01-08 18:53:43 +11:00
Damien Miller b4acb47f5f - stevesk@cvs.openbsd.org 2008/10/10 04:55:16
[scp.c]
     spelling in comment; ok djm@
2008-11-03 19:23:45 +11:00
Damien Miller d8968adb5f - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
[packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
   some platforms (HP nonstop) it is a distinct errno;
   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
2008-07-04 23:10:49 +10:00
Darren Tucker 03ccc9b142 - dtucker@cvs.openbsd.org 2008/06/13 18:55:22
[scp.c]
     Prevent -Wsign-compare warnings on LP64 systems.  bz #1192, ok deraadt@
2008-06-14 09:02:25 +10:00
Tim Rice 3eb144911c - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch
by vinschen at redhat.com.
2008-03-13 17:59:50 -07:00
Darren Tucker ccb13eedd7 - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H. 2008-02-29 15:07:01 +11:00
Darren Tucker 9b439c1adc - dtucker@cvs.openbsd.org 2008/01/01 09:06:39
[scp.c]
     If scp -p encounters a pre-epoch timestamp, use the epoch which is
     as close as we can get given that it's used unsigned.  Add a little
     debugging while there.  bz #828, ok djm@
2008-01-01 20:33:57 +11:00
Darren Tucker e566230cb0 - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
leftover debug code.
2007-12-02 22:48:40 +11:00
Damien Miller c77cadbff0 - djm@cvs.openbsd.org 2007/10/24 03:44:02
[scp.c]
     factor out network read/write into an atomicio()-like function, and
     use it to handle short reads, apply bandwidth limits and update
     counters. make network IO non-blocking, so a small trickle of
     reads/writes has a chance of updating the progress meter; bz #799
     ok dtucker@
2007-10-26 15:39:15 +10:00
Damien Miller 647d97b1ab - sobrado@cvs.openbsd.org 2007/08/06 19:16:06
[scp.1 scp.c]
     the ellipsis is not an optional argument; while here, sync the usage
     and synopsis of commands
     lots of good ideas by jmc@
     ok jmc@
2007-08-08 14:29:58 +10:00
Darren Tucker 067263e848 - djm@cvs.openbsd.org 2007/06/13 00:21:27
[scp.c]
     don't ftruncate() non-regular files; bz#1236 reported by wood AT
     xmission.com; ok dtucker@
2007-06-25 18:32:33 +10:00
Darren Tucker bed63112f5 - dtucker@cvs.openbsd.org 2007/06/12 13:54:28
[scp.c]
     Encode filename with strnvis if the name contains a newline (which can't
     be represented in the scp protocol), from bz #891.  ok markus@
2007-06-13 00:02:07 +10:00
Darren Tucker 43ce902449 - djm@cvs.openbsd.org 2007/06/12 08:24:20
[scp.c]
     make scp try to skip FIFOs rather than blocking when nothing is listening.
     depends on the platform supporting sane O_NONBLOCK semantics for open
     on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
     bz #856; report by cjwatson AT debian.org; ok markus@
2007-06-12 23:41:06 +10:00
Darren Tucker 6ec2fbec8b - djm@cvs.openbsd.org 2007/01/22 13:06:21
[scp.c]
     fix detection of whether we should show progress meter or not: scp
     tested isatty(stderr) but wrote the progress meter to stdout. This patch
     makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com;
     of dtucker@
2007-02-19 22:14:11 +11:00
Damien Miller d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller a7a73ee35d - stevesk@cvs.openbsd.org 2006/08/01 23:22:48
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
Damien Miller e7a1e5cf63 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
Damien Miller 8dbffe7904 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
Damien Miller 9aec91948d - stevesk@cvs.openbsd.org 2006/07/25 02:59:21
[channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
     move #include <sys/time.h> out of includes.h
2006-08-05 10:57:45 +10:00
Damien Miller e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller 5598b4f125 - stevesk@cvs.openbsd.org 2006/07/22 19:08:54
[includes.h moduli.c progressmeter.c scp.c sftp-common.c]
     [sftp-server.c ssh-agent.c sshlogin.c]
     move #include <time.h> out of includes.h
2006-07-24 14:09:40 +10:00
Damien Miller e6b3b610ec - stevesk@cvs.openbsd.org 2006/07/17 01:31:10
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
Darren Tucker 3997249346 - stevesk@cvs.openbsd.org 2006/07/11 20:07:25
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
Darren Tucker 5d19626a04 - stevesk@cvs.openbsd.org 2006/07/10 16:37:36
[readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
     auth.c packet.c log.c]
     move #include <stdarg.h> out of includes.h; ok markus@
2006-07-12 22:15:16 +10:00
Damien Miller 3d1a9f4d5d - djm@cvs.openbsd.org 2006/07/10 12:03:20
[scp.c]
     duplicate argv at the start of main() because it gets modified later;
     pointed out by deraadt@ ok markus@
2006-07-10 22:19:53 +10:00
Damien Miller 57cf638577 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
Damien Miller 9f2abc47eb - stevesk@cvs.openbsd.org 2006/07/06 16:03:53
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
Damien Miller 40b5985fe0 - markus@cvs.openbsd.org 2006/05/17 12:43:34
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
Damien Miller 7a656f7922 - djm@cvs.openbsd.org 2006/04/01 05:50:29
[scp.c]
     xasprintification; ok deraadt@
2006-04-23 12:04:46 +10:00
Damien Miller 07aa132a5e - (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2006/04/01 05:42:20
     [scp.c]
     minimal lint cleanup (unused crud, and some size_t); ok djm
2006-04-23 12:04:27 +10:00
Damien Miller 57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller 36812092ec - djm@cvs.openbsd.org 2006/03/25 01:13:23
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
     [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
     [uidswap.c]
     change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
     to xrealloc(p, new_nmemb, new_itemsize).

     realloc is particularly prone to integer overflows because it is
     almost always allocating "n * size" bytes, so this is a far safer
     API; ok deraadt@
2006-03-26 14:22:47 +11:00