authorDamien Miller <djm@mindrot.org>2010-08-31 22:36:39 +1000
committerDamien Miller <djm@mindrot.org>2010-08-31 22:36:39 +1000
commitda108ece6843f1268aa36d7c8ed0030dc53acd15 (patch)
tree66638a1716374a8d1ac8ece95dceea56ce231a5c /ssh-dss.c
parentd96546f5b0f7c57395a338dbb9ac3ac5a48b77fa (diff)
- djm@cvs.openbsd.org 2010/08/31 09:58:37
[auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c] [packet.h ssh-dss.c ssh-rsa.c] Add buffer_get_cstring() and related functions that verify that the string extracted from the buffer contains no embedded \0 characters.* This prevents random (possibly malicious) crap from being appended to strings where it would not be noticed if the string is used with a string(3) function. Use the new API in a few sensitive places. * Actually, we allow a single one at the end of the string for now because we don't know how many deployed implementations get this wrong, but don't count on this to remain indefinitely.
Diffstat (limited to 'ssh-dss.c')
-rw-r--r--ssh-dss.c4
1 files changed, 2 insertions, 2 deletions
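--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.26 2010/04/16 01:47:26 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.27 2010/08/31 09:58:37 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl. All rights reserved.
  *
@@ -133,7 +133,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
  char *ktype;
  buffer_init(&b);
  buffer_append(&b, signature, signaturelen);
- ktype = buffer_get_string(&b, NULL);
+ ktype = buffer_get_cstring(&b, NULL);
  if (strcmp("ssh-dss", ktype) != 0) {
  error("ssh_dss_verify: cannot handle type %s", ktype);
  buffer_free(&b);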
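Review bot: The failure mode of `buffer_get_cstring()` on new line 136 is not visible in this hunk, and it matters because `signature` is supplied by the peer. If it terminates the process on a malformed or NUL-embedded string, as the non-`_ret` buffer getters in this codebase generally do, a bad signature blob ends the process instead of yielding a verification failure; consider the `_ret` variant, e.g. `if ((ktype = buffer_get_cstring_ret(&b, NULL)) == NULL) { buffer_free(&b); return -1; }`. Either way, a short comment such as `/* key type must be a clean C string (no embedded NUL) before strcmp() */` would record why the cstring getter is used here. The body of ssh_dss_verify starts and ends outside the hunk, so whether `ktype` is freed on the error path cannot be confirmed from these lines.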