- djm@cvs.openbsd.org 2010/08/31 09:58:37

[auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c] [packet.h ssh-dss.c ssh-rsa.c] Add buffer_get_cstring() and related functions that verify that the string extracted from the buffer contains no embedded \0 characters* This prevents random (possibly malicious) crap from being appended to strings where it would not be noticed if the string is used with a string(3) function. Use the new API in a few sensitive places. * actually, we allow a single one at the end of the string for now because we don't know how many deployed implementations get this wrong, but don't count on this to remain indefinitely.
author: Damien Miller <djm@mindrot.org> 2010-08-31 22:36:39 +1000
committer: Damien Miller <djm@mindrot.org> 2010-08-31 22:36:39 +1000
commit: da108ece6843f1268aa36d7c8ed0030dc53acd15 (patch)
tree: 66638a1716374a8d1ac8ece95dceea56ce231a5c /ssh-rsa.c
parent: d96546f5b0f7c57395a338dbb9ac3ac5a48b77fa (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/ssh-rsa.c b/ssh-rsa.c
index c471ff323..c6355fa09 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */
 /*
 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
 *
@@ -127,7 +127,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
        }
        buffer_init(&b);
        buffer_append(&b, signature, signaturelen);
-        ktype = buffer_get_string(&b, NULL);
+        ktype = buffer_get_cstring(&b, NULL);
        if (strcmp("ssh-rsa", ktype) != 0) {
                error("ssh_rsa_verify: cannot handle type %s", ktype);
                buffer_free(&b);
author	Damien Miller <djm@mindrot.org>	2010-08-31 22:36:39 +1000
committer	Damien Miller <djm@mindrot.org>	2010-08-31 22:36:39 +1000
commit	da108ece6843f1268aa36d7c8ed0030dc53acd15 (patch)
tree	66638a1716374a8d1ac8ece95dceea56ce231a5c /ssh-rsa.c
parent	d96546f5b0f7c57395a338dbb9ac3ac5a48b77fa (diff)

diff --git a/ssh-rsa.c b/ssh-rsa.c index c471ff323..c6355fa09 100644 --- a/ssh-rsa.c +++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */	1	/* $OpenBSD: ssh-rsa.c,v 1.45 2010/08/31 09:58:37 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>	3	* Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
4	*	4	*
@@ -127,7 +127,7 @@ ssh_rsa_verify(const Key key, const u_char signature, u_int signaturelen,
127	}	127	}
128	buffer_init(&b);	128	buffer_init(&b);
129	buffer_append(&b, signature, signaturelen);	129	buffer_append(&b, signature, signaturelen);
130	ktype = buffer_get_string(&b, NULL);	130	ktype = buffer_get_cstring(&b, NULL);
131	if (strcmp("ssh-rsa", ktype) != 0) {	131	if (strcmp("ssh-rsa", ktype) != 0) {
132	error("ssh_rsa_verify: cannot handle type %s", ktype);	132	error("ssh_rsa_verify: cannot handle type %s", ktype);
133	buffer_free(&b);	133	buffer_free(&b);