diff options
| author | Damien Miller <djm@mindrot.org> | 2007-01-05 16:24:47 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2007-01-05 16:24:47 +1100 |
| commit | 3ca8b7717933e28b8bd896aab1738e937e1a3117 (patch) | |
| tree | f6a9843ac1daea64f9604b91d629da6ccc337c77 | |
| parent | df8b7db16e6ac2cfc216167af0ff1f338e196658 (diff) | |
- ray@cvs.openbsd.org 2006/11/23 01:35:11
[misc.c sftp.c]
Don't access buf[strlen(buf) - 1] for zero-length strings.
``ok by me'' djm@.
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | misc.c | 4 | ||||
| -rw-r--r-- | sftp.c | 6 |
3 files changed, 11 insertions, 5 deletions
| @@ -3,6 +3,10 @@ | |||
| 3 | - deraadt@cvs.openbsd.org 2006/11/14 19:41:04 | 3 | - deraadt@cvs.openbsd.org 2006/11/14 19:41:04 |
| 4 | [ssh-keygen.c] | 4 | [ssh-keygen.c] |
| 5 | use argc and argv not some made up short form | 5 | use argc and argv not some made up short form |
| 6 | - ray@cvs.openbsd.org 2006/11/23 01:35:11 | ||
| 7 | [misc.c sftp.c] | ||
| 8 | Don't access buf[strlen(buf) - 1] for zero-length strings. | ||
| 9 | ``ok by me'' djm@. | ||
| 6 | 10 | ||
| 7 | 20061205 | 11 | 20061205 |
| 8 | - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would | 12 | - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would |
| @@ -2623,4 +2627,4 @@ | |||
| 2623 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 2627 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
| 2624 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 2628 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
| 2625 | 2629 | ||
| 2626 | $Id: ChangeLog,v 1.4592 2007/01/05 05:22:57 djm Exp $ | 2630 | $Id: ChangeLog,v 1.4593 2007/01/05 05:24:47 djm Exp $ |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.65 2006/11/23 01:35:11 ray Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
| @@ -616,6 +616,8 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, | |||
| 616 | u_long *lineno) | 616 | u_long *lineno) |
| 617 | { | 617 | { |
| 618 | while (fgets(buf, bufsz, f) != NULL) { | 618 | while (fgets(buf, bufsz, f) != NULL) { |
| 619 | if (buf[0] == '\0') | ||
| 620 | continue; | ||
| 619 | (*lineno)++; | 621 | (*lineno)++; |
| 620 | if (buf[strlen(buf) - 1] == '\n' || feof(f)) { | 622 | if (buf[strlen(buf) - 1] == '\n' || feof(f)) { |
| 621 | return 0; | 623 | return 0; |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sftp.c,v 1.93 2006/09/30 17:48:22 ray Exp $ */ | 1 | /* $OpenBSD: sftp.c,v 1.94 2006/11/23 01:35:11 ray Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> |
| 4 | * | 4 | * |
| @@ -298,11 +298,11 @@ static char * | |||
| 298 | path_append(char *p1, char *p2) | 298 | path_append(char *p1, char *p2) |
| 299 | { | 299 | { |
| 300 | char *ret; | 300 | char *ret; |
| 301 | int len = strlen(p1) + strlen(p2) + 2; | 301 | size_t len = strlen(p1) + strlen(p2) + 2; |
| 302 | 302 | ||
| 303 | ret = xmalloc(len); | 303 | ret = xmalloc(len); |
| 304 | strlcpy(ret, p1, len); | 304 | strlcpy(ret, p1, len); |
| 305 | if (p1[strlen(p1) - 1] != '/') | 305 | if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/') |
| 306 | strlcat(ret, "/", len); | 306 | strlcat(ret, "/", len); |
| 307 | strlcat(ret, p2, len); | 307 | strlcat(ret, p2, len); |
| 308 | 308 | ||