* New upstream release (LP: #535029).

  - After a transition period of about 10 years, this release disables SSH
    protocol 1 by default.  Clients and servers that need to use the
    legacy protocol must explicitly enable it in ssh_config / sshd_config
    or on the command-line.
  - Remove the libsectok/OpenSC-based smartcard code and add support for
    PKCS#11 tokens.  This support is enabled by default in the Debian
    packaging, since it now doesn't involve additional library
    dependencies (closes: #231472, LP: #16918).
  - Add support for certificate authentication of users and hosts using a
    new, minimal OpenSSH certificate format (closes: #482806).
  - Added a 'netcat mode' to ssh(1): "ssh -W host:port ...".
  - Add the ability to revoke keys in sshd(8) and ssh(1).  (For the Debian
    package, this overlaps with the key blacklisting facility added in
    openssh 1:4.7p1-9, but with different file formats and slightly
    different scopes; for the moment, I've roughly merged the two.)
  - Various multiplexing improvements, including support for requesting
    port-forwardings via the multiplex protocol (closes: #360151).
  - Allow setting an explicit umask on the sftp-server(8) commandline to
    override whatever default the user has (closes: #496843).
  - Many sftp client improvements, including tab-completion, more options,
    and recursive transfer support for get/put (LP: #33378).  The old
    mget/mput commands never worked properly and have been removed
    (closes: #270399, #428082).
  - Do not prompt for a passphrase if we fail to open a keyfile, and log
    the reason why the open failed to debug (closes: #431538).
  - Prevent sftp from crashing when given a "-" without a command.  Also,
    allow whitespace to follow a "-" (closes: #531561).

1 files changed, 22 insertions, 6 deletions

diff --git a/bufaux.c b/bufaux.c
index cd9a35ded..4ef19c454 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.46 2008/06/10 23:21:34 dtucker Exp $ */
+/* $OpenBSD: bufaux.c,v 1.48 2010/02/02 22:49:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -166,7 +166,10 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
         u_int len;
 
         /* Get the length. */
-        len = buffer_get_int(buffer);
+        if (buffer_get_int_ret(&len, buffer) != 0) {
+                error("buffer_get_string_ret: cannot extract length");
+                return (NULL);
+        }
         if (len > 256 * 1024) {
                 error("buffer_get_string_ret: bad string length %u", len);
                 return (NULL);
@@ -198,14 +201,17 @@ buffer_get_string(Buffer *buffer, u_int *length_ptr)
 }
 
 void *
-buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
+buffer_get_string_ptr_ret(Buffer *buffer, u_int *length_ptr)
 {
         void *ptr;
         u_int len;
 
-        len = buffer_get_int(buffer);
-        if (len > 256 * 1024)
-                fatal("buffer_get_string_ptr: bad string length %u", len);
+        if (buffer_get_int_ret(&len, buffer) != 0)
+                return NULL;
+        if (len > 256 * 1024) {
+                error("buffer_get_string_ptr: bad string length %u", len);
+                return NULL;
+        }
         ptr = buffer_ptr(buffer);
         buffer_consume(buffer, len);
         if (length_ptr)
@@ -213,6 +219,16 @@ buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
         return (ptr);
 }
 
+void *
+buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
+{
+        void *ret;
+
+        if ((ret = buffer_get_string_ptr_ret(buffer, length_ptr)) == NULL)
+                fatal("buffer_get_string_ptr: buffer error");
+        return (ret);
+}
+
 /*
  * Stores and arbitrary binary string in the buffer.
  */