upstream commit

Replace <sys/param.h> with <limits.h> and other less
 dirty headers where possible.  Annotate <sys/param.h> lines with their
 current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
 LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
 MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
 These are the files confirmed through binary verification. ok guenther,
 millert, doug (helped with the verification protocol)

13 files changed, 40 insertions, 32 deletions

diff --git a/atomicio.c b/atomicio.c
index 2bac36c91..b1ec234f5 100644
--- a/atomicio.c
+++ b/atomicio.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: atomicio.c,v 1.26 2010/09/22 22:58:51 djm Exp $ */
+/* $OpenBSD: atomicio.c,v 1.27 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 2006 Damien Miller. All rights reserved.
  * Copyright (c) 2005 Anil Madhavapeddy. All rights reserved.
@@ -41,6 +41,7 @@
 #endif
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 
 #include "atomicio.h"
 
diff --git a/misc.c b/misc.c
index 2f11de40f..38af3dfe3 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.95 2014/10/24 02:01:20 lteo Exp $ */
+/* $OpenBSD: misc.c,v 1.96 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -30,8 +30,8 @@
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <sys/un.h>
-#include <sys/param.h>
 
+#include <limits.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -551,7 +551,7 @@ tilde_expand_filename(const char *filename, uid_t uid)
         if (path != NULL)
                 filename = path + 1;
 
-        if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= MAXPATHLEN)
+        if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX)
                 fatal("tilde_expand_filename: Path too long");
 
         return (ret);
diff --git a/readconf.c b/readconf.c
index a122d176d..cb61a5af0 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.227 2015/01/15 09:40:00 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.228 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -28,6 +28,7 @@
 #include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
 #include <netdb.h>
 #ifdef HAVE_PATHS_H
 # include <paths.h>
diff --git a/scp.c b/scp.c
index 1ec3b7087..887b014b8 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.180 2014/06/24 02:21:01 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.181 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -95,6 +95,7 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
 #include <pwd.h>
 #include <signal.h>
 #include <stdarg.h>
@@ -749,7 +750,7 @@ source(int argc, char **argv)
         off_t i, statbytes;
         size_t amt, nr;
         int fd = -1, haderr, indx;
-        char *last, *name, buf[2048], encname[MAXPATHLEN];
+        char *last, *name, buf[2048], encname[PATH_MAX];
         int len;
 
         for (indx = 0; indx < argc; ++indx) {
@@ -858,7 +859,7 @@ rsource(char *name, struct stat *statp)
 {
         DIR *dirp;
         struct dirent *dp;
-        char *last, *vect[1], path[MAXPATHLEN];
+        char *last, *vect[1], path[PATH_MAX];
 
         if (!(dirp = opendir(name))) {
                 run_err("%s: %s", name, strerror(errno));
diff --git a/servconf.c b/servconf.c
index 1b6bdb4af..475076bf2 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.258 2015/01/13 07:39:19 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.259 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -28,6 +28,7 @@
 #include <string.h>
 #include <signal.h>
 #include <unistd.h>
+#include <limits.h>
 #include <stdarg.h>
 #include <errno.h>
 #ifdef HAVE_UTIL_H
@@ -571,7 +572,7 @@ parse_token(const char *cp, const char *filename,
 char *
 derelativise_path(const char *path)
 {
-        char *expanded, *ret, cwd[MAXPATHLEN];
+        char *expanded, *ret, cwd[PATH_MAX];
 
         if (strcasecmp(path, "none") == 0)
                 return xstrdup("none");
diff --git a/session.c b/session.c
index fbb921bea..54bac36a8 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.276 2015/01/14 20:05:27 djm Exp $ */
+/* $OpenBSD: session.c,v 1.277 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -60,6 +60,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 
 #include "openbsd-compat/sys-queue.h"
 #include "xmalloc.h"
@@ -1437,7 +1438,7 @@ static void
 safely_chroot(const char *path, uid_t uid)
 {
         const char *cp;
-        char component[MAXPATHLEN];
+        char component[PATH_MAX];
         struct stat st;
 
         if (*path != '/')
diff --git a/ssh-add.c b/ssh-add.c
index 32add8807..5ac51088f 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.116 2015/01/14 20:05:27 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.117 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -39,7 +39,6 @@
 
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <sys/param.h>
 
 #include <openssl/evp.h>
 #include "openbsd-compat/openssl-compat.h"
@@ -52,6 +51,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -573,7 +573,7 @@ main(int argc, char **argv)
                 goto done;
         }
         if (argc == 0) {
-                char buf[MAXPATHLEN];
+                char buf[PATH_MAX];
                 struct passwd *pw;
                 struct stat st;
                 int count = 0;
diff --git a/ssh-agent.c b/ssh-agent.c
index 24500d9d6..ba8d020ad 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.195 2015/01/14 19:33:41 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.196 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -36,6 +36,7 @@
 
 #include "includes.h"
 
+#include <sys/param.h>  /* MIN MAX */
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/resource.h>
@@ -56,6 +57,7 @@
 
 #include <errno.h>
 #include <fcntl.h>
+#include <limits.h>
 #ifdef HAVE_PATHS_H
 # include <paths.h>
 #endif
@@ -134,8 +136,8 @@ time_t parent_alive_interval = 0;
 pid_t cleanup_pid = 0;
 
 /* pathname and directory for AUTH_SOCKET */
-char socket_name[MAXPATHLEN];
-char socket_dir[MAXPATHLEN];
+char socket_name[PATH_MAX];
+char socket_dir[PATH_MAX];
 
 /* locking */
 int locked = 0;
diff --git a/ssh-keygen.c b/ssh-keygen.c
index c8b05e079..9f6106d47 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.252 2015/01/15 09:40:00 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.253 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -17,7 +17,6 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
-#include <sys/param.h>
 
 #ifdef WITH_OPENSSL
 #include <openssl/evp.h>
@@ -37,6 +36,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 
 #include "xmalloc.h"
 #include "sshkey.h"
@@ -1065,7 +1065,7 @@ do_known_hosts(struct passwd *pw, const char *name)
         FILE *in, *out = stdout;
         struct sshkey *pub;
         char *cp, *cp2, *kp, *kp2;
-        char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN];
+        char line[16*1024], tmp[PATH_MAX], old[PATH_MAX];
         int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0;
         int r, ca, revoked;
         int found_key = 0;
@@ -2291,9 +2291,9 @@ usage(void)
 int
 main(int argc, char **argv)
 {
-        char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
+        char dotsshdir[PATH_MAX], comment[1024], *passphrase1, *passphrase2;
         char *checkpoint = NULL;
-        char out_file[MAXPATHLEN], *rr_hostname = NULL, *ep;
+        char out_file[PATH_MAX], *rr_hostname = NULL, *ep;
         struct sshkey *private, *public;
         struct passwd *pw;
         struct stat st;
@@ -2513,7 +2513,7 @@ main(int argc, char **argv)
                                 fatal("Output filename too long");
                         break;
                 case 'K':
-                        if (strlen(optarg) >= MAXPATHLEN)
+                        if (strlen(optarg) >= PATH_MAX)
                                 fatal("Checkpoint filename too long");
                         checkpoint = xstrdup(optarg);
                         break;
diff --git a/sshkey.c b/sshkey.c
index add9f2b73..99c53bbcc 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.12 2015/01/14 10:46:28 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.13 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -27,7 +27,7 @@
 
 #include "includes.h"
 
-#include <sys/param.h>
+#include <sys/param.h>  /* MIN MAX */
 #include <sys/types.h>
 #include <netinet/in.h>
 
@@ -40,6 +40,7 @@
 #include "crypto_api.h"
 
 #include <errno.h>
+#include <limits.h>
 #include <stdio.h>
 #include <string.h>
 #include <resolv.h>
diff --git a/sshlogin.c b/sshlogin.c
index 7b951c844..3313ac998 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshlogin.c,v 1.29 2014/07/15 15:54:14 millert Exp $ */
+/* $OpenBSD: sshlogin.c,v 1.30 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -42,7 +42,7 @@
 #include "includes.h"
 
 #include <sys/types.h>
-#include <sys/param.h>
+#include <sys/param.h>  /* MAXHOSTNAMELEN */
 #include <sys/socket.h>
 
 #include <netinet/in.h>
diff --git a/uidswap.c b/uidswap.c
index 1f09d5887..c339283af 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uidswap.c,v 1.36 2013/11/08 11:15:19 dtucker Exp $ */
+/* $OpenBSD: uidswap.c,v 1.37 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -14,11 +14,11 @@
 
 #include "includes.h"
 
-#include <sys/param.h>
 #include <errno.h>
 #include <pwd.h>
 #include <string.h>
 #include <unistd.h>
+#include <limits.h>
 #include <stdarg.h>
 #include <stdlib.h>
 
diff --git a/xmalloc.c b/xmalloc.c
index 2f1cd2306..0a9f282ae 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: xmalloc.c,v 1.29 2014/01/04 17:50:55 tedu Exp $ */
+/* $OpenBSD: xmalloc.c,v 1.30 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -15,11 +15,11 @@
 
 #include "includes.h"
 
-#include <sys/param.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 
 #include "xmalloc.h"
 #include "log.h"