- Merged more OpenBSD changes:
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
move atomicio into it's own file. wrap all socket write()s which
were doing write(sock, buf, len) != len, with atomicio() calls.
- [auth-skey.c]
fd leak
- [authfile.c]
properly name fd variable
- [channels.c]
display great hatred towards strcpy
- [pty.c pty.h sshd.c]
use openpty() if it exists (it does on BSD4_4)
- [tildexpand.c]
check for ~ expansion past MAXPATHLEN
- Modified helper.c to use new atomicio function.
- Reformat Makefile a little
- Moved RC4 routines from rc4.[ch] into helper.c
- Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
diff --git a/tildexpand.c b/tildexpand.c
index 8ee551f..f615362 100644
--- a/tildexpand.c
+++ b/tildexpand.c
@@ -6,7 +6,7 @@
*/
#include "includes.h"
-RCSID("$Id: tildexpand.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
+RCSID("$Id: tildexpand.c,v 1.4 1999/12/07 04:38:32 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -23,6 +23,7 @@
char *expanded;
struct passwd *pw;
char user[100];
+ int len;
/* Return immediately if no tilde. */
if (filename[0] != '~')
@@ -56,7 +57,10 @@
return xstrdup(pw->pw_dir);
}
/* Build a path combining the specified directory and path. */
- expanded = xmalloc(strlen(pw->pw_dir) + strlen(cp + 1) + 2);
- sprintf(expanded, "%s/%s", pw->pw_dir, cp + 1);
+ len = strlen(pw->pw_dir) + strlen(cp + 1) + 2;
+ if (len > MAXPATHLEN)
+ fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1);
+ expanded = xmalloc(len);
+ snprintf(expanded, len, "%s/%s", pw->pw_dir, cp + 1);
return expanded;
}