- djm@cvs.openbsd.org 2013/02/08 00:41:12

     [sftp.c]
     fix NULL deref when built without libedit and control characters
     entered as command; debugging and patch from Iain Morgan an
     Loganaden Velvindron in bz#1956

2 files changed, 7 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index c1d428709..4084052d4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,11 @@
    - dtucker@cvs.openbsd.org 2013/02/06 00:22:21
      [auth.c]
      Fix comment, from jfree.e1 at gmail
+   - djm@cvs.openbsd.org 2013/02/08 00:41:12
+     [sftp.c]
+     fix NULL deref when built without libedit and control characters
+     entered as command; debugging and patch from Iain Morgan an
+     Loganaden Velvindron in bz#1956
 
 20130211
  - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
diff --git a/sftp.c b/sftp.c
index 6516d1f1c..9a53b12b7 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.141 2012/10/05 12:34:39 markus Exp $ */
+/* $OpenBSD: sftp.c,v 1.142 2013/02/08 00:41:12 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -1145,7 +1145,7 @@ parse_args(const char **cpp, int *pflag, int *rflag, int *lflag, int *iflag,
 
         /* Figure out which command we have */
         for (i = 0; cmds[i].c != NULL; i++) {
-                if (strcasecmp(cmds[i].c, argv[0]) == 0)
+                if (argv[0] != NULL && strcasecmp(cmds[i].c, argv[0]) == 0)
                         break;
         }
         cmdnum = cmds[i].n;