Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / afbfa68fa18081ef05a9cd294958509a5d3cda8b^! / . / authfile.c
commitafbfa68fa18081ef05a9cd294958509a5d3cda8b[log] [tgz]
authormarkus@openbsd.org <markus@openbsd.org>Tue May 30 08:49:32 2017 +0000
committerDamien Miller <djm@mindrot.org>Wed May 31 10:46:03 2017 +1000
tree807b81229a95598958e9c8b7494a130c3dea7b85
parent813f55336a24fdfc45e7ed655fccc7d792e8f859 [diff] [blame]
upstream commit

revise sshkey_load_public(): remove ssh1 related
comments, remove extra open()/close() on keyfile, prevent leak of 'pub' if
'keyp' is NULL, replace strlcpy+cat with asprintf; ok djm@

Upstream-ID: 6175e47cab5b4794dcd99c1175549a483ec673ca

diff --git a/authfile.c b/authfile.c
index d28ae0d..af4190e 100644
--- a/authfile.c
+++ b/authfile.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.124 2017/04/30 23:10:43 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.125 2017/05/30 08:49:32 markus Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
  *
@@ -316,50 +316,48 @@
 	return SSH_ERR_INVALID_FORMAT;
 }
 
-/* load public key from ssh v1 private or any pubkey file */
+/* load public key from any pubkey file */
 int
 sshkey_load_public(const char *filename, struct sshkey **keyp, char **commentp)
 {
 	struct sshkey *pub = NULL;
-	char file[PATH_MAX];
-	int r, fd;
+	char *file = NULL;
+	int r;
 
 	if (keyp != NULL)
 		*keyp = NULL;
 	if (commentp != NULL)
 		*commentp = NULL;
 
-	/* XXX should load file once and attempt to parse each format */
-
-	if ((fd = open(filename, O_RDONLY)) < 0)
-		goto skip;
-	close(fd);
-
-	/* try ssh2 public key */
 	if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
 	if ((r = sshkey_try_load_public(pub, filename, commentp)) == 0) {
-		if (keyp != NULL)
+		if (keyp != NULL) {
 			*keyp = pub;
-		return 0;
+			pub = NULL;
+		}
+		r = 0;
+		goto out;
 	}
 	sshkey_free(pub);
 
-
- skip:
 	/* try .pub suffix */
-	if ((pub = sshkey_new(KEY_UNSPEC)) == NULL)
+	if (asprintf(&file, "%s.pub", filename) == -1)
 		return SSH_ERR_ALLOC_FAIL;
-	r = SSH_ERR_ALLOC_FAIL;	/* in case strlcpy or strlcat fail */
-	if ((strlcpy(file, filename, sizeof file) < sizeof(file)) &&
-	    (strlcat(file, ".pub", sizeof file) < sizeof(file)) &&
-	    (r = sshkey_try_load_public(pub, file, commentp)) == 0) {
-		if (keyp != NULL)
-			*keyp = pub;
-		return 0;
+	if ((pub = sshkey_new(KEY_UNSPEC)) == NULL) {
+		r = SSH_ERR_ALLOC_FAIL;
+		goto out;
 	}
+	if ((r = sshkey_try_load_public(pub, file, commentp)) == 0) {
+		if (keyp != NULL) {
+			*keyp = pub;
+			pub = NULL;
+		}
+		r = 0;
+	}
+ out:
+	free(file);
 	sshkey_free(pub);
-
 	return r;
 }