diff options
| author | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
| commit | b9438bbc073e792547318c8e343923748536529c (patch) | |
| tree | 267f9815b8386617219421d862be309b73758c6b /log.c | |
| parent | 0b228013734983ec12ddaa535d42704b5e4cee90 (diff) | |
- CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. On
portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
Diffstat (limited to 'log.c')
| -rw-r--r-- | log.c | 12 |
1 files changed, 12 insertions, 0 deletions
| @@ -131,6 +131,18 @@ error(const char *fmt,...) | |||
| 131 | va_end(args); | 131 | va_end(args); |
| 132 | } | 132 | } |
| 133 | 133 | ||
| 134 | void | ||
| 135 | sigdie(const char *fmt,...) | ||
| 136 | { | ||
| 137 | va_list args; | ||
| 138 | |||
| 139 | va_start(args, fmt); | ||
| 140 | do_log(SYSLOG_LEVEL_FATAL, fmt, args); | ||
| 141 | va_end(args); | ||
| 142 | _exit(1); | ||
| 143 | } | ||
| 144 | |||
| 145 | |||
| 134 | /* Log this message (information that usually should go to the log). */ | 146 | /* Log this message (information that usually should go to the log). */ |
| 135 | 147 | ||
| 136 | void | 148 | void |