diff options
author | Damien Miller <djm@mindrot.org> | 2006-03-26 14:19:21 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2006-03-26 14:19:21 +1100 |
commit | 07d86bec5eeaf19fe33dca99c8ebcbe9a77c3938 (patch) | |
tree | 098295eee2d7ec7b116b0db3ac4b580713dd5ab0 /auth.c | |
parent | 7cd4579eb3c5afd22ae24436fd2611cd3aa0150a (diff) |
- djm@cvs.openbsd.org 2006/03/25 00:05:41
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
[clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
[monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
[xmalloc.c xmalloc.h]
introduce xcalloc() and xasprintf() failure-checked allocations
functions and use them throughout openssh
xcalloc is particularly important because malloc(nmemb * size) is a
dangerous idiom (subject to integer overflow) and it is time for it
to die
feedback and ok deraadt@
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 12 |
1 files changed, 5 insertions, 7 deletions
@@ -340,7 +340,8 @@ auth_root_allowed(char *method) | |||
340 | static char * | 340 | static char * |
341 | expand_authorized_keys(const char *filename, struct passwd *pw) | 341 | expand_authorized_keys(const char *filename, struct passwd *pw) |
342 | { | 342 | { |
343 | char *file, *ret; | 343 | char *file, ret[MAXPATHLEN]; |
344 | int i; | ||
344 | 345 | ||
345 | file = percent_expand(filename, "h", pw->pw_dir, | 346 | file = percent_expand(filename, "h", pw->pw_dir, |
346 | "u", pw->pw_name, (char *)NULL); | 347 | "u", pw->pw_name, (char *)NULL); |
@@ -352,14 +353,11 @@ expand_authorized_keys(const char *filename, struct passwd *pw) | |||
352 | if (*file == '/') | 353 | if (*file == '/') |
353 | return (file); | 354 | return (file); |
354 | 355 | ||
355 | ret = xmalloc(MAXPATHLEN); | 356 | i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file); |
356 | if (strlcpy(ret, pw->pw_dir, MAXPATHLEN) >= MAXPATHLEN || | 357 | if (i < 0 || (size_t)i >= sizeof(ret)) |
357 | strlcat(ret, "/", MAXPATHLEN) >= MAXPATHLEN || | ||
358 | strlcat(ret, file, MAXPATHLEN) >= MAXPATHLEN) | ||
359 | fatal("expand_authorized_keys: path too long"); | 358 | fatal("expand_authorized_keys: path too long"); |
360 | |||
361 | xfree(file); | 359 | xfree(file); |
362 | return (ret); | 360 | return (xstrdup(ret)); |
363 | } | 361 | } |
364 | 362 | ||
365 | char * | 363 | char * |