- djm@cvs.openbsd.org 2006/03/25 00:05:41

     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@

1 files changed, 5 insertions, 7 deletions

diff --git a/auth.c b/auth.c
index 85c6f8d1d..aa6d66075 100644
--- a/auth.c
+++ b/auth.c
@@ -340,7 +340,8 @@ auth_root_allowed(char *method)
 static char *
 expand_authorized_keys(const char *filename, struct passwd *pw)
 {
-        char *file, *ret;
+        char *file, ret[MAXPATHLEN];
+        int i;
 
         file = percent_expand(filename, "h", pw->pw_dir,
             "u", pw->pw_name, (char *)NULL);
@@ -352,14 +353,11 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
         if (*file == '/')
                 return (file);
 
-        ret = xmalloc(MAXPATHLEN);
-        if (strlcpy(ret, pw->pw_dir, MAXPATHLEN) >= MAXPATHLEN ||
-            strlcat(ret, "/", MAXPATHLEN) >= MAXPATHLEN ||
-            strlcat(ret, file, MAXPATHLEN) >= MAXPATHLEN)
+        i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file);
+        if (i < 0 || (size_t)i >= sizeof(ret))
                 fatal("expand_authorized_keys: path too long");
-
         xfree(file);
-        return (ret);
+        return (xstrdup(ret));
 }
 
 char *