diff options
| author | Damien Miller <djm@mindrot.org> | 2006-07-10 20:15:56 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2006-07-10 20:15:56 +1000 |
| commit | 1e88ea655634749a847c9426a08b635f6198f085 (patch) | |
| tree | a33173d408a9b1cdd7c524a342a6286f61ea9fd2 | |
| parent | e34c96aea139680ffe8101b6527e45420811e0c0 (diff) | |
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2006/06/14 10:50:42
[sshconnect.c]
limit the number of pre-banner characters we will accept; ok markus@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | sshconnect.c | 8 |
2 files changed, 10 insertions, 4 deletions
| @@ -1,5 +1,9 @@ | |||
| 1 | 20060710 | 1 | 20060710 |
| 2 | - (dtucker) [INSTALL] New autoconf version: 2.60. | 2 | - (dtucker) [INSTALL] New autoconf version: 2.60. |
| 3 | - OpenBSD CVS Sync | ||
| 4 | - djm@cvs.openbsd.org 2006/06/14 10:50:42 | ||
| 5 | [sshconnect.c] | ||
| 6 | limit the number of pre-banner characters we will accept; ok markus@ | ||
| 3 | 7 | ||
| 4 | 20060706 | 8 | 20060706 |
| 5 | - (dtucker) [configure.ac] Try AIX blibpath test in different order when | 9 | - (dtucker) [configure.ac] Try AIX blibpath test in different order when |
| @@ -4733,4 +4737,4 @@ | |||
| 4733 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 4737 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
| 4734 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 4738 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
| 4735 | 4739 | ||
| 4736 | $Id: ChangeLog,v 1.4359 2006/07/10 02:55:24 dtucker Exp $ | 4740 | $Id: ChangeLog,v 1.4360 2006/07/10 10:15:56 djm Exp $ |
diff --git a/sshconnect.c b/sshconnect.c index c76572662..e26efa4dc 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshconnect.c,v 1.184 2006/06/08 14:45:49 markus Exp $ */ | 1 | /* $OpenBSD: sshconnect.c,v 1.185 2006/06/14 10:50:42 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -385,10 +385,10 @@ ssh_exchange_identification(void) | |||
| 385 | int connection_in = packet_get_connection_in(); | 385 | int connection_in = packet_get_connection_in(); |
| 386 | int connection_out = packet_get_connection_out(); | 386 | int connection_out = packet_get_connection_out(); |
| 387 | int minor1 = PROTOCOL_MINOR_1; | 387 | int minor1 = PROTOCOL_MINOR_1; |
| 388 | u_int i; | 388 | u_int i, n; |
| 389 | 389 | ||
| 390 | /* Read other side's version identification. */ | 390 | /* Read other side's version identification. */ |
| 391 | for (;;) { | 391 | for (n = 0;;) { |
| 392 | for (i = 0; i < sizeof(buf) - 1; i++) { | 392 | for (i = 0; i < sizeof(buf) - 1; i++) { |
| 393 | size_t len = atomicio(read, connection_in, &buf[i], 1); | 393 | size_t len = atomicio(read, connection_in, &buf[i], 1); |
| 394 | 394 | ||
| @@ -405,6 +405,8 @@ ssh_exchange_identification(void) | |||
| 405 | buf[i + 1] = 0; | 405 | buf[i + 1] = 0; |
| 406 | break; | 406 | break; |
| 407 | } | 407 | } |
| 408 | if (++n > 65536) | ||
| 409 | fatal("ssh_exchange_identification: No banner received"); | ||
| 408 | } | 410 | } |
| 409 | buf[sizeof(buf) - 1] = 0; | 411 | buf[sizeof(buf) - 1] = 0; |
| 410 | if (strncmp(buf, "SSH-", 4) == 0) | 412 | if (strncmp(buf, "SSH-", 4) == 0) |