summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck@openbsd.org <beck@openbsd.org>2018-07-25 13:10:56 +0000
committerDamien Miller <djm@mindrot.org>2018-07-26 13:54:30 +1000
commit8e433c2083db8664c41499ee146448ea7ebe7dbf (patch)
tree7d3bc4cb06117e9a50edf806877b8fd98f205445
parente2127abb105ae72b6fda64fff150e6b24b3f1317 (diff)
upstream: Use the caller provided (copied) pwent struct in
load_public_identity_files instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@ OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
-rw-r--r--ssh.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/ssh.c b/ssh.c
index a95d0cf93..c08693d30 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.488 2018/07/19 10:28:47 dtucker Exp $ */ 1/* $OpenBSD: ssh.c,v 1.489 2018/07/25 13:10:56 beck Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2011,8 +2011,6 @@ load_public_identity_files(struct passwd *pw)
2011 free(keys); 2011 free(keys);
2012 } 2012 }
2013#endif /* ENABLE_PKCS11 */ 2013#endif /* ENABLE_PKCS11 */
2014 if ((pw = getpwuid(original_real_uid)) == NULL)
2015 fatal("load_public_identity_files: getpwuid failed");
2016 for (i = 0; i < options.num_identity_files; i++) { 2014 for (i = 0; i < options.num_identity_files; i++) {
2017 if (n_ids >= SSH_MAX_IDENTITY_FILES || 2015 if (n_ids >= SSH_MAX_IDENTITY_FILES ||
2018 strcasecmp(options.identity_files[i], "none") == 0) { 2016 strcasecmp(options.identity_files[i], "none") == 0) {