- djm@cvs.openbsd.org 2006/03/25 00:05:41
     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocation
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@
diff --git a/ssh.c b/ssh.c
index 0c95074..f34be67 100644
--- a/ssh.c
+++ b/ssh.c
@@ -687,7 +687,7 @@
 	if (options.rhosts_rsa_authentication ||
 	    options.hostbased_authentication) {
 		sensitive_data.nkeys = 3;
-		sensitive_data.keys = xmalloc(sensitive_data.nkeys *
+		sensitive_data.keys = xcalloc(sensitive_data.nkeys, 
 		    sizeof(Key));
 
 		PRIV_START;
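Review bot: The element size on the new `xcalloc` call is still spelled as a type name, `sizeof(Key)`, so nothing ties it to what `sensitive_data.keys` actually points at. The declaration of `sensitive_data` is outside this hunk, so the element type cannot be confirmed from here. Deriving the size from the pointer removes that class of mismatch: `sensitive_data.keys = xcalloc(sensitive_data.nkeys, sizeof(*sensitive_data.keys));`. The added line also leaves a trailing space after the comma. The enclosing function starts and ends outside the hunk.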
@@ -1250,7 +1250,8 @@
 	int i;
 	char name[1024], *cp;
 
-	strlcpy(name, env, sizeof(name));
+	if (strlcpy(name, env, sizeof(name)) >= sizeof(name))
+		fatal("env_permitted: name too long");
 	if ((cp = strchr(name, '=')) == NULL)
 		return (0);