- djm@cvs.openbsd.org 2006/03/25 00:05:41

     [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c]
     [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c]
     [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c]
     [xmalloc.c xmalloc.h]
     introduce xcalloc() and xasprintf() failure-checked allocations
     functions and use them throughout openssh

     xcalloc is particularly important because malloc(nmemb * size) is a
     dangerous idiom (subject to integer overflow) and it is time for it
     to die

     feedback and ok deraadt@

1 files changed, 3 insertions, 2 deletions

diff --git a/ssh.c b/ssh.c
index 0c950745b..f34be679c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -687,7 +687,7 @@ main(int ac, char **av)
         if (options.rhosts_rsa_authentication ||
             options.hostbased_authentication) {
                 sensitive_data.nkeys = 3;
-                sensitive_data.keys = xmalloc(sensitive_data.nkeys *
+                sensitive_data.keys = xcalloc(sensitive_data.nkeys, 
                     sizeof(Key));
 
                 PRIV_START;
@@ -1250,7 +1250,8 @@ env_permitted(char *env)
         int i;
         char name[1024], *cp;
 
-        strlcpy(name, env, sizeof(name));
+        if (strlcpy(name, env, sizeof(name)) >= sizeof(name))
+                fatal("env_permitted: name too long");
         if ((cp = strchr(name, '=')) == NULL)
                 return (0);