diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-05-04 06:10:48 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-05-10 11:38:04 +1000 |
| commit | e661a86353e11592c7ed6a847e19a83609f49e77 (patch) | |
| tree | 5fe2c206d56dd4296a79e20ca6cfbbb83cb7c40c /monitor.c | |
| parent | 0ef1de742be2ee4b10381193fe90730925b7f027 (diff) | |
upstream commit
Remove pattern length argument from match_pattern_list(), we
only ever use it for strlen(pattern).
Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.
ok markus@
Diffstat (limited to 'monitor.c')
| -rw-r--r-- | monitor.c | 11 |
1 files changed, 5 insertions, 6 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: monitor.c,v 1.147 2015/04/27 01:52:30 djm Exp $ */ | 1 | /* $OpenBSD: monitor.c,v 1.149 2015/05/04 06:10:48 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> | 3 | * Copyright 2002 Niels Provos <provos@citi.umich.edu> |
| 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> | 4 | * Copyright 2002 Markus Friedl <markus@openbsd.org> |
| @@ -1215,9 +1215,9 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1215 | allowed = options.pubkey_authentication && | 1215 | allowed = options.pubkey_authentication && |
| 1216 | !auth2_userkey_already_used(authctxt, key) && | 1216 | !auth2_userkey_already_used(authctxt, key) && |
| 1217 | match_pattern_list(sshkey_ssh_name(key), | 1217 | match_pattern_list(sshkey_ssh_name(key), |
| 1218 | options.pubkey_key_types, | 1218 | options.pubkey_key_types, 0) == 1 && |
| 1219 | strlen(options.pubkey_key_types), 0) == 1 && | 1219 | user_key_allowed(authctxt->pw, key, |
| 1220 | user_key_allowed(authctxt->pw, key); | 1220 | pubkey_auth_attempt); |
| 1221 | pubkey_auth_info(authctxt, key, NULL); | 1221 | pubkey_auth_info(authctxt, key, NULL); |
| 1222 | auth_method = "publickey"; | 1222 | auth_method = "publickey"; |
| 1223 | if (options.pubkey_authentication && allowed != 1) | 1223 | if (options.pubkey_authentication && allowed != 1) |
| @@ -1226,8 +1226,7 @@ mm_answer_keyallowed(int sock, Buffer *m) | |||
| 1226 | case MM_HOSTKEY: | 1226 | case MM_HOSTKEY: |
| 1227 | allowed = options.hostbased_authentication && | 1227 | allowed = options.hostbased_authentication && |
| 1228 | match_pattern_list(sshkey_ssh_name(key), | 1228 | match_pattern_list(sshkey_ssh_name(key), |
| 1229 | options.hostbased_key_types, | 1229 | options.hostbased_key_types, 0) == 1 && |
| 1230 | strlen(options.hostbased_key_types), 0) == 1 && | ||
| 1231 | hostbased_key_allowed(authctxt->pw, | 1230 | hostbased_key_allowed(authctxt->pw, |
| 1232 | cuser, chost, key); | 1231 | cuser, chost, key); |
| 1233 | pubkey_auth_info(authctxt, key, | 1232 | pubkey_auth_info(authctxt, key, |