diff options
author | Damien Miller <djm@mindrot.org> | 2014-04-20 13:00:11 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-04-20 13:00:11 +1000 |
commit | 8f9cd709c7cf0655d414306a0ed28306b33802be (patch) | |
tree | 8063cc3dc3435ebc4356a509603f51a3bd8acf12 | |
parent | 1c7ef4be83f6dec84509a312518b9df00ab491d9 (diff) |
- djm@cvs.openbsd.org 2014/03/12 04:50:32
[auth-bsdauth.c ssh-keygen.c]
don't count on things that accept arguments by reference to clear
things for us on error; most things do, but it's unsafe form.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | auth-bsdauth.c | 7 | ||||
-rw-r--r-- | ssh-keygen.c | 4 |
3 files changed, 12 insertions, 3 deletions
@@ -8,6 +8,10 @@ | |||
8 | - djm@cvs.openbsd.org 2014/03/12 04:44:58 | 8 | - djm@cvs.openbsd.org 2014/03/12 04:44:58 |
9 | [ssh-keyscan.c] | 9 | [ssh-keyscan.c] |
10 | scan for Ed25519 keys by default too | 10 | scan for Ed25519 keys by default too |
11 | - djm@cvs.openbsd.org 2014/03/12 04:50:32 | ||
12 | [auth-bsdauth.c ssh-keygen.c] | ||
13 | don't count on things that accept arguments by reference to clear | ||
14 | things for us on error; most things do, but it's unsafe form. | ||
11 | 15 | ||
12 | 20140401 | 16 | 20140401 |
13 | - (djm) On platforms that support it, use prctl() to prevent sftp-server | 17 | - (djm) On platforms that support it, use prctl() to prevent sftp-server |
diff --git a/auth-bsdauth.c b/auth-bsdauth.c index 0b3262b49..f4209c22a 100644 --- a/auth-bsdauth.c +++ b/auth-bsdauth.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth-bsdauth.c,v 1.11 2007/09/21 08:15:29 djm Exp $ */ | 1 | /* $OpenBSD: auth-bsdauth.c,v 1.12 2014/03/12 04:50:32 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -54,6 +54,11 @@ bsdauth_query(void *ctx, char **name, char **infotxt, | |||
54 | Authctxt *authctxt = ctx; | 54 | Authctxt *authctxt = ctx; |
55 | char *challenge = NULL; | 55 | char *challenge = NULL; |
56 | 56 | ||
57 | *infotxt = NULL; | ||
58 | *numprompts = 0; | ||
59 | *prompts = NULL; | ||
60 | *echo_on = NULL; | ||
61 | |||
57 | if (authctxt->as != NULL) { | 62 | if (authctxt->as != NULL) { |
58 | debug2("bsdauth_query: try reuse session"); | 63 | debug2("bsdauth_query: try reuse session"); |
59 | challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); | 64 | challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 2a316bcea..64d1a5f3c 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.241 2014/02/05 20:13:25 naddy Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.242 2014/03/12 04:50:32 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -408,7 +408,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) | |||
408 | Buffer b; | 408 | Buffer b; |
409 | Key *key = NULL; | 409 | Key *key = NULL; |
410 | char *type, *cipher; | 410 | char *type, *cipher; |
411 | u_char *sig, data[] = "abcde12345"; | 411 | u_char *sig = NULL, data[] = "abcde12345"; |
412 | int magic, rlen, ktype, i1, i2, i3, i4; | 412 | int magic, rlen, ktype, i1, i2, i3, i4; |
413 | u_int slen; | 413 | u_int slen; |
414 | u_long e; | 414 | u_long e; |