diff options
author | djm@openbsd.org <djm@openbsd.org> | 2015-05-04 06:10:48 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-05-10 11:38:04 +1000 |
commit | e661a86353e11592c7ed6a847e19a83609f49e77 (patch) | |
tree | 5fe2c206d56dd4296a79e20ca6cfbbb83cb7c40c /servconf.c | |
parent | 0ef1de742be2ee4b10381193fe90730925b7f027 (diff) |
upstream commit
Remove pattern length argument from match_pattern_list(), we
only ever use it for strlen(pattern).
Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.
ok markus@
Diffstat (limited to 'servconf.c')
-rw-r--r-- | servconf.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/servconf.c b/servconf.c index 29457b833..c0291947b 100644 --- a/servconf.c +++ b/servconf.c | |||
@@ -1,5 +1,4 @@ | |||
1 | 1 | /* $OpenBSD: servconf.c,v 1.269 2015/05/04 06:10:48 djm Exp $ */ | |
2 | /* $OpenBSD: servconf.c,v 1.266 2015/04/29 03:48:56 dtucker Exp $ */ | ||
3 | /* | 2 | /* |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved | 4 | * All rights reserved |
@@ -754,7 +753,6 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
754 | { | 753 | { |
755 | int result = 1, attributes = 0, port; | 754 | int result = 1, attributes = 0, port; |
756 | char *arg, *attrib, *cp = *condition; | 755 | char *arg, *attrib, *cp = *condition; |
757 | size_t len; | ||
758 | 756 | ||
759 | if (ci == NULL) | 757 | if (ci == NULL) |
760 | debug3("checking syntax for 'Match %s'", cp); | 758 | debug3("checking syntax for 'Match %s'", cp); |
@@ -781,13 +779,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
781 | error("Missing Match criteria for %s", attrib); | 779 | error("Missing Match criteria for %s", attrib); |
782 | return -1; | 780 | return -1; |
783 | } | 781 | } |
784 | len = strlen(arg); | ||
785 | if (strcasecmp(attrib, "user") == 0) { | 782 | if (strcasecmp(attrib, "user") == 0) { |
786 | if (ci == NULL || ci->user == NULL) { | 783 | if (ci == NULL || ci->user == NULL) { |
787 | result = 0; | 784 | result = 0; |
788 | continue; | 785 | continue; |
789 | } | 786 | } |
790 | if (match_pattern_list(ci->user, arg, len, 0) != 1) | 787 | if (match_pattern_list(ci->user, arg, 0) != 1) |
791 | result = 0; | 788 | result = 0; |
792 | else | 789 | else |
793 | debug("user %.100s matched 'User %.100s' at " | 790 | debug("user %.100s matched 'User %.100s' at " |
@@ -808,7 +805,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
808 | result = 0; | 805 | result = 0; |
809 | continue; | 806 | continue; |
810 | } | 807 | } |
811 | if (match_hostname(ci->host, arg, len) != 1) | 808 | if (match_hostname(ci->host, arg) != 1) |
812 | result = 0; | 809 | result = 0; |
813 | else | 810 | else |
814 | debug("connection from %.100s matched 'Host " | 811 | debug("connection from %.100s matched 'Host " |