- markus@cvs.openbsd.org 2001/02/16 14:03:43

[session.c] proper payload-length check for x11 w/o screen-number
author: Ben Lindstrom <mouring@eviladmin.org> 2001-02-16 16:02:14 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-02-16 16:02:14 +0000
commit: 8dcdeb84211b7bf4024317b1686c2e0fd6d01e82 (patch)
tree: d652b34225fa513fbfdefe5137c10fe8bc999706
parent: 813f9402aeb2b71d873c159a281b834aa5e24f6c (diff)
2 files changed, 14 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index f22243cfb..c4d0fb5f4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
   - markus@cvs.openbsd.org 2001/02/16 13:38:18
     [channel.c]                               
     remove debug                              
+   - markus@cvs.openbsd.org 2001/02/16 14:03:43
+     [session.c]
+     proper payload-length check for x11 w/o screen-number
 20010216
 - (bal) added '--with-prce'  to allow overriding of system regex when
@@ -4001,4 +4004,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.781 2001/02/16 15:56:31 mouring Exp $
+$Id: ChangeLog,v 1.782 2001/02/16 16:02:14 mouring Exp $
diff --git a/session.c b/session.c
index 47ef8b9c7..4e2471f22 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.55 2001/02/08 19:30:52 itojun Exp $");
+RCSID("$OpenBSD: session.c,v 1.56 2001/02/16 14:03:43 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -343,12 +343,18 @@ do_authenticated(struct passwd * pw)
                        s->auth_proto = packet_get_string(&proto_len);
                        s->auth_data = packet_get_string(&data_len);
-                        packet_integrity_check(plen, 4 + proto_len + 4 + data_len + 4, type);
-                        if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER)
+                        if (packet_get_protocol_flags() & SSH_PROTOFLAG_SCREEN_NUMBER) {
+                                debug2("SSH_PROTOFLAG_SCREEN_NUMBER == true");
+                                packet_integrity_check(plen,
+                                    4 + proto_len + 4 + data_len + 4, type);
                                s->screen = packet_get_int();
-                        else
+                        } else {
+                                debug2("SSH_PROTOFLAG_SCREEN_NUMBER == false");
+                                packet_integrity_check(plen,
+                                    4 + proto_len + 4 + data_len, type);
                                s->screen = 0;
+                        }
                        s->display = x11_create_display_inet(s->screen, options.x11_display_offset);
                        if (s->display == NULL)
author	Ben Lindstrom <mouring@eviladmin.org>	2001-02-16 16:02:14 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-02-16 16:02:14 +0000
commit	8dcdeb84211b7bf4024317b1686c2e0fd6d01e82 (patch)
tree	d652b34225fa513fbfdefe5137c10fe8bc999706
parent	813f9402aeb2b71d873c159a281b834aa5e24f6c (diff)