diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-05-04 06:10:48 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-05-10 11:38:04 +1000 |
| commit | e661a86353e11592c7ed6a847e19a83609f49e77 (patch) | |
| tree | 5fe2c206d56dd4296a79e20ca6cfbbb83cb7c40c /servconf.c | |
| parent | 0ef1de742be2ee4b10381193fe90730925b7f027 (diff) | |
upstream commit
Remove pattern length argument from match_pattern_list(), we
only ever use it for strlen(pattern).
Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.
ok markus@
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/servconf.c b/servconf.c index 29457b833..c0291947b 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,5 +1,4 @@ | |||
| 1 | 1 | /* $OpenBSD: servconf.c,v 1.269 2015/05/04 06:10:48 djm Exp $ */ | |
| 2 | /* $OpenBSD: servconf.c,v 1.266 2015/04/29 03:48:56 dtucker Exp $ */ | ||
| 3 | /* | 2 | /* |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 5 | * All rights reserved | 4 | * All rights reserved |
| @@ -754,7 +753,6 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 754 | { | 753 | { |
| 755 | int result = 1, attributes = 0, port; | 754 | int result = 1, attributes = 0, port; |
| 756 | char *arg, *attrib, *cp = *condition; | 755 | char *arg, *attrib, *cp = *condition; |
| 757 | size_t len; | ||
| 758 | 756 | ||
| 759 | if (ci == NULL) | 757 | if (ci == NULL) |
| 760 | debug3("checking syntax for 'Match %s'", cp); | 758 | debug3("checking syntax for 'Match %s'", cp); |
| @@ -781,13 +779,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 781 | error("Missing Match criteria for %s", attrib); | 779 | error("Missing Match criteria for %s", attrib); |
| 782 | return -1; | 780 | return -1; |
| 783 | } | 781 | } |
| 784 | len = strlen(arg); | ||
| 785 | if (strcasecmp(attrib, "user") == 0) { | 782 | if (strcasecmp(attrib, "user") == 0) { |
| 786 | if (ci == NULL || ci->user == NULL) { | 783 | if (ci == NULL || ci->user == NULL) { |
| 787 | result = 0; | 784 | result = 0; |
| 788 | continue; | 785 | continue; |
| 789 | } | 786 | } |
| 790 | if (match_pattern_list(ci->user, arg, len, 0) != 1) | 787 | if (match_pattern_list(ci->user, arg, 0) != 1) |
| 791 | result = 0; | 788 | result = 0; |
| 792 | else | 789 | else |
| 793 | debug("user %.100s matched 'User %.100s' at " | 790 | debug("user %.100s matched 'User %.100s' at " |
| @@ -808,7 +805,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 808 | result = 0; | 805 | result = 0; |
| 809 | continue; | 806 | continue; |
| 810 | } | 807 | } |
| 811 | if (match_hostname(ci->host, arg, len) != 1) | 808 | if (match_hostname(ci->host, arg) != 1) |
| 812 | result = 0; | 809 | result = 0; |
| 813 | else | 810 | else |
| 814 | debug("connection from %.100s matched 'Host " | 811 | debug("connection from %.100s matched 'Host " |