commit fbbfa8422f8317bcac829e1673dced62f49d59ba
author Ben Lindstrom <mouring@eviladmin.org> Thu Jul 04 00:10:34 2002 +0000
committer Ben Lindstrom <mouring@eviladmin.org> Thu Jul 04 00:10:34 2002 +0000
tree 9484c121bc8d93e492d8307f2572951c55fb83cf
parent b1bdc5a6adae8f5e4d4a4f67c5aba488b5993d5e

   - deraadt@cvs.openbsd.org 2002/06/28 10:08:25
     [sshd.c]
     range check -u option at invocation

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 4b093da..cad81ca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -24,6 +24,9 @@
    - deraadt@cvs.openbsd.org 2002/06/28 01:50:37
      [monitor_wrap.c]
      use ssize_t
+   - deraadt@cvs.openbsd.org 2002/06/28 10:08:25
+     [sshd.c]
+     range check -u option at invocation
 
 20020702
  - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 
@@ -1232,4 +1235,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2321 2002/07/04 00:09:26 mouring Exp $
+$Id: ChangeLog,v 1.2322 2002/07/04 00:10:34 mouring Exp $

sshd.c

diff --git a/sshd.c b/sshd.c
index d2524c4..21db6d5 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.251 2002/06/25 18:51:04 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.252 2002/06/28 10:08:25 deraadt Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -906,6 +906,8 @@
 			break;
 		case 'u':
 			utmp_len = atoi(optarg);
+			if (utmp_len < 0 || utmp_len > MAXHOSTNAMELEN)
+				usage();
 			break;
 		case 'o':
 			if (process_server_config_line(&options, optarg,