-rw-r--r--ChangeLog7
-rw-r--r--session.c9
2 files changed, 14 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index fa0453c86..e49127bfa 100644
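--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20140304
+- OpenBSD CVS Sync
+- djm@cvs.openbsd.org 2014/03/03 22:22:30
+[session.c]
+ignore enviornment variables with embedded '=' or '\0' characters;
+spotted by Jann Horn; ok deraadt@
+
 20140301
 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
 no moduli file exists at the expected location.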
diff --git a/session.c b/session.c
index f5049774b..2bcf8185c 100644
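--- a/session.c
+++ b/session.c
@@ -978,6 +978,11 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
 u_int envsize;
 u_int i, namelen;
 
+if (strchr(name, '=') != NULL) {
+error("Invalid environment variable \"%.100s\"", name);
+return;
+}
+
 /*
 * If we're passed an uninitialized list, allocate a single null
 * entry before continuing.
@@ -2225,8 +2230,8 @@ session_env_req(Session *s)
 char *name, *val;
 u_int name_len, val_len, i;
 
-name = packet_get_string(&name_len);
-val = packet_get_string(&val_len);
+name = packet_get_cstring(&name_len);
+val = packet_get_cstring(&val_len);
 packet_check_eom();
 
 /* Don't set too many environment variables */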
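Review bot: The `strchr(name, '=')` guard added to child_set_env() carries no comment saying why such a name must be refused, and it runs only when the child environment is assembled, so session_env_req() appears to accept a client-supplied name that is dropped later. I would document the guard with `/* a name containing '=' would define a different variable than the one the caller intended */`, and consider making the same test in session_env_req() after `packet_check_eom();` so the request is refused where the untrusted value arrives. The guard is also the natural place to refuse an empty name, e.g. `if (*name == '\0' || strchr(name, '=') != NULL) {`, since an entry of the form `=value` is not a usable variable either. Both function bodies continue outside the hunks shown, so the failure path in session_env_req() and whether an empty name can reach child_set_env() need checking against the full file.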