summaryrefslogtreecommitdiff
path: root/ssh-agent.c
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2003-09-23 18:59:08 +1000
committerDarren Tucker <dtucker@zip.com.au>2003-09-23 18:59:08 +1000
commita05ec477b32c50aa793d865a231a3ec9d0ab1234 (patch)
treeed5a8892226f8dd4da673ece5422ecd15ba207a2 /ssh-agent.c
parente1318fb07f775f2d54cacd98c217de9c25fbe964 (diff)
- markus@cvs.openbsd.org 2003/09/18 08:49:45
[deattack.c misc.c session.c ssh-agent.c] more buffer allocation fixes; from Solar Designer; CAN-2003-0682; ok millert@
Diffstat (limited to 'ssh-agent.c')
-rw-r--r--ssh-agent.c17
1 files changed, 9 insertions, 8 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index c05c61468..e1e6cae9b 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
35 35
36#include "includes.h" 36#include "includes.h"
37#include "openbsd-compat/sys-queue.h" 37#include "openbsd-compat/sys-queue.h"
38RCSID("$OpenBSD: ssh-agent.c,v 1.111 2003/06/12 19:12:03 markus Exp $"); 38RCSID("$OpenBSD: ssh-agent.c,v 1.112 2003/09/18 08:49:45 markus Exp $");
39 39
40#include <openssl/evp.h> 40#include <openssl/evp.h>
41#include <openssl/md5.h> 41#include <openssl/md5.h>
@@ -784,7 +784,7 @@ process_message(SocketEntry *e)
784static void 784static void
785new_socket(sock_type type, int fd) 785new_socket(sock_type type, int fd)
786{ 786{
787 u_int i, old_alloc; 787 u_int i, old_alloc, new_alloc;
788 788
789 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) 789 if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
790 error("fcntl O_NONBLOCK: %s", strerror(errno)); 790 error("fcntl O_NONBLOCK: %s", strerror(errno));
@@ -795,25 +795,26 @@ new_socket(sock_type type, int fd)
795 for (i = 0; i < sockets_alloc; i++) 795 for (i = 0; i < sockets_alloc; i++)
796 if (sockets[i].type == AUTH_UNUSED) { 796 if (sockets[i].type == AUTH_UNUSED) {
797 sockets[i].fd = fd; 797 sockets[i].fd = fd;
798 sockets[i].type = type;
799 buffer_init(&sockets[i].input); 798 buffer_init(&sockets[i].input);
800 buffer_init(&sockets[i].output); 799 buffer_init(&sockets[i].output);
801 buffer_init(&sockets[i].request); 800 buffer_init(&sockets[i].request);
801 sockets[i].type = type;
802 return; 802 return;
803 } 803 }
804 old_alloc = sockets_alloc; 804 old_alloc = sockets_alloc;
805 sockets_alloc += 10; 805 new_alloc = sockets_alloc + 10;
806 if (sockets) 806 if (sockets)
807 sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); 807 sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0]));
808 else 808 else
809 sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); 809 sockets = xmalloc(new_alloc * sizeof(sockets[0]));
810 for (i = old_alloc; i < sockets_alloc; i++) 810 for (i = old_alloc; i < new_alloc; i++)
811 sockets[i].type = AUTH_UNUSED; 811 sockets[i].type = AUTH_UNUSED;
812 sockets[old_alloc].type = type; 812 sockets_alloc = new_alloc;
813 sockets[old_alloc].fd = fd; 813 sockets[old_alloc].fd = fd;
814 buffer_init(&sockets[old_alloc].input); 814 buffer_init(&sockets[old_alloc].input);
815 buffer_init(&sockets[old_alloc].output); 815 buffer_init(&sockets[old_alloc].output);
816 buffer_init(&sockets[old_alloc].request); 816 buffer_init(&sockets[old_alloc].request);
817 sockets[old_alloc].type = type;
817} 818}
818 819
819static int 820static int