diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2003-09-23 18:59:08 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2003-09-23 18:59:08 +1000 |
| commit | a05ec477b32c50aa793d865a231a3ec9d0ab1234 (patch) | |
| tree | ed5a8892226f8dd4da673ece5422ecd15ba207a2 /ssh-agent.c | |
| parent | e1318fb07f775f2d54cacd98c217de9c25fbe964 (diff) | |
- markus@cvs.openbsd.org 2003/09/18 08:49:45
[deattack.c misc.c session.c ssh-agent.c]
more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
ok millert@
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index c05c61468..e1e6cae9b 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -35,7 +35,7 @@ | |||
| 35 | 35 | ||
| 36 | #include "includes.h" | 36 | #include "includes.h" |
| 37 | #include "openbsd-compat/sys-queue.h" | 37 | #include "openbsd-compat/sys-queue.h" |
| 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.111 2003/06/12 19:12:03 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.112 2003/09/18 08:49:45 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
| @@ -784,7 +784,7 @@ process_message(SocketEntry *e) | |||
| 784 | static void | 784 | static void |
| 785 | new_socket(sock_type type, int fd) | 785 | new_socket(sock_type type, int fd) |
| 786 | { | 786 | { |
| 787 | u_int i, old_alloc; | 787 | u_int i, old_alloc, new_alloc; |
| 788 | 788 | ||
| 789 | if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) | 789 | if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) |
| 790 | error("fcntl O_NONBLOCK: %s", strerror(errno)); | 790 | error("fcntl O_NONBLOCK: %s", strerror(errno)); |
| @@ -795,25 +795,26 @@ new_socket(sock_type type, int fd) | |||
| 795 | for (i = 0; i < sockets_alloc; i++) | 795 | for (i = 0; i < sockets_alloc; i++) |
| 796 | if (sockets[i].type == AUTH_UNUSED) { | 796 | if (sockets[i].type == AUTH_UNUSED) { |
| 797 | sockets[i].fd = fd; | 797 | sockets[i].fd = fd; |
| 798 | sockets[i].type = type; | ||
| 799 | buffer_init(&sockets[i].input); | 798 | buffer_init(&sockets[i].input); |
| 800 | buffer_init(&sockets[i].output); | 799 | buffer_init(&sockets[i].output); |
| 801 | buffer_init(&sockets[i].request); | 800 | buffer_init(&sockets[i].request); |
| 801 | sockets[i].type = type; | ||
| 802 | return; | 802 | return; |
| 803 | } | 803 | } |
| 804 | old_alloc = sockets_alloc; | 804 | old_alloc = sockets_alloc; |
| 805 | sockets_alloc += 10; | 805 | new_alloc = sockets_alloc + 10; |
| 806 | if (sockets) | 806 | if (sockets) |
| 807 | sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); | 807 | sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0])); |
| 808 | else | 808 | else |
| 809 | sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); | 809 | sockets = xmalloc(new_alloc * sizeof(sockets[0])); |
| 810 | for (i = old_alloc; i < sockets_alloc; i++) | 810 | for (i = old_alloc; i < new_alloc; i++) |
| 811 | sockets[i].type = AUTH_UNUSED; | 811 | sockets[i].type = AUTH_UNUSED; |
| 812 | sockets[old_alloc].type = type; | 812 | sockets_alloc = new_alloc; |
| 813 | sockets[old_alloc].fd = fd; | 813 | sockets[old_alloc].fd = fd; |
| 814 | buffer_init(&sockets[old_alloc].input); | 814 | buffer_init(&sockets[old_alloc].input); |
| 815 | buffer_init(&sockets[old_alloc].output); | 815 | buffer_init(&sockets[old_alloc].output); |
| 816 | buffer_init(&sockets[old_alloc].request); | 816 | buffer_init(&sockets[old_alloc].request); |
| 817 | sockets[old_alloc].type = type; | ||
| 817 | } | 818 | } |
| 818 | 819 | ||
| 819 | static int | 820 | static int |