diff options
author | Colin Watson <cjwatson@debian.org> | 2008-05-26 09:42:02 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2008-05-26 09:42:02 +0000 |
commit | 38f3f889e7a7180d25036e41d5454d5cbf0dbe91 (patch) | |
tree | e159ada56899a01b10ce2d012b0f682e069f70f4 | |
parent | 086170cb0ab5c16d8bc17aff3f7abb7556794757 (diff) |
Use xasprintf to build user key file names in ssh-vulnkey, avoiding
truncation problems (thanks, Solar Designer).
-rw-r--r-- | debian/changelog | 2 | ||||
-rw-r--r-- | ssh-vulnkey.c | 11 |
2 files changed, 9 insertions, 4 deletions
diff --git a/debian/changelog b/debian/changelog index 6dafdad96..6023c99df 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -52,6 +52,8 @@ openssh (1:4.7p1-11) UNRELEASED; urgency=low | |||
52 | * Allow building with heimdal-dev (LP: #125805). | 52 | * Allow building with heimdal-dev (LP: #125805). |
53 | * Fix some buffer handling inconsistencies in ssh-vulnkey (thanks, Solar | 53 | * Fix some buffer handling inconsistencies in ssh-vulnkey (thanks, Solar |
54 | Designer). | 54 | Designer). |
55 | * Use xasprintf to build user key file names in ssh-vulnkey, avoiding | ||
56 | truncation problems (thanks, Solar Designer). | ||
55 | 57 | ||
56 | -- Colin Watson <cjwatson@debian.org> Sat, 17 May 2008 08:48:45 +0200 | 58 | -- Colin Watson <cjwatson@debian.org> Sat, 17 May 2008 08:48:45 +0200 |
57 | 59 | ||
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c index 467bef091..8e1f11f79 100644 --- a/ssh-vulnkey.c +++ b/ssh-vulnkey.c | |||
@@ -266,16 +266,19 @@ int | |||
266 | do_user(const char *dir) | 266 | do_user(const char *dir) |
267 | { | 267 | { |
268 | int i; | 268 | int i; |
269 | char buf[MAXPATHLEN]; | 269 | char *file; |
270 | struct stat st; | 270 | struct stat st; |
271 | int ret = 1; | 271 | int ret = 1; |
272 | 272 | ||
273 | for (i = 0; default_files[i]; i++) { | 273 | for (i = 0; default_files[i]; i++) { |
274 | snprintf(buf, sizeof(buf), "%s/%s", dir, default_files[i]); | 274 | xasprintf(&file, "%s/%s", dir, default_files[i]); |
275 | if (stat(buf, &st) < 0 && errno == ENOENT) | 275 | if (stat(file, &st) < 0 && errno == ENOENT) { |
276 | xfree(file); | ||
276 | continue; | 277 | continue; |
277 | if (!do_filename(buf, 0)) | 278 | } |
279 | if (!do_filename(file, 0)) | ||
278 | ret = 0; | 280 | ret = 0; |
281 | xfree(file); | ||
279 | } | 282 | } |
280 | 283 | ||
281 | return ret; | 284 | return ret; |