diff options
author | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
commit | b9438bbc073e792547318c8e343923748536529c (patch) | |
tree | 267f9815b8386617219421d862be309b73758c6b /log.c | |
parent | 0b228013734983ec12ddaa535d42704b5e4cee90 (diff) |
- CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. On
portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
Diffstat (limited to 'log.c')
-rw-r--r-- | log.c | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -131,6 +131,18 @@ error(const char *fmt,...) | |||
131 | va_end(args); | 131 | va_end(args); |
132 | } | 132 | } |
133 | 133 | ||
134 | void | ||
135 | sigdie(const char *fmt,...) | ||
136 | { | ||
137 | va_list args; | ||
138 | |||
139 | va_start(args, fmt); | ||
140 | do_log(SYSLOG_LEVEL_FATAL, fmt, args); | ||
141 | va_end(args); | ||
142 | _exit(1); | ||
143 | } | ||
144 | |||
145 | |||
134 | /* Log this message (information that usually should go to the log). */ | 146 | /* Log this message (information that usually should go to the log). */ |
135 | 147 | ||
136 | void | 148 | void |