6 files changed, 61 insertions, 55 deletions
diff --git a/ChangeLog b/ChangeLog
index a07bd21c6..e688d4f02 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -155,6 +155,10 @@
   - provos@cvs.openbsd.org 2002/01/13 17:27:07
     [ssh-agent.c]
     change to use queue.h macros; okay markus@
+   - markus@cvs.openbsd.org 2002/01/13 17:57:37
+     [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
+     use buffer API and avoid static strings of fixed size; 
+     ok provos@/mouring@
 20020121
@@ -7303,4 +7307,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.1767 2002/01/22 12:26:13 djm Exp $
+$Id: ChangeLog,v 1.1768 2002/01/22 12:26:38 djm Exp $
diff --git a/auth2-chall.c b/auth2-chall.c
index a1f96392e..9f1d93275 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -23,10 +23,11 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.15 2002/01/11 23:02:51 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $");
 #include "ssh2.h"
 #include "auth.h"
+#include "buffer.h"
 #include "packet.h"
 #include "xmalloc.h"
 #include "dispatch.h"
@@ -68,22 +69,25 @@ static KbdintAuthctxt *
 kbdint_alloc(const char *devs)
 {
        KbdintAuthctxt *kbdintctxt;
+        Buffer b;
        int i;
-        char buf[1024];
        kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
        if (strcmp(devs, "") == 0) {
-                buf[0] = '\0';
+                buffer_init(&b);
                for (i = 0; devices[i]; i++) {
-                        if (i != 0)
+                        if (buffer_len(&b) > 0)
-                                strlcat(buf, ",", sizeof(buf));
+                                buffer_append(&b, ",", 1);
-                        strlcat(buf, devices[i]->name, sizeof(buf));
+                        buffer_append(&b, devices[i]->name,
+                            strlen(devices[i]->name));
                }
-                debug("kbdint_alloc: devices '%s'", buf);
+                buffer_append(&b, "\0", 1);
-                kbdintctxt->devices = xstrdup(buf);
+                kbdintctxt->devices = xstrdup(buffer_ptr(&b));
+                buffer_free(&b);
        } else {
                kbdintctxt->devices = xstrdup(devs);
        }
+        debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
        kbdintctxt->ctxt = NULL;
        kbdintctxt->device = NULL;
diff --git a/auth2.c b/auth2.c
index dc35a55f4..431f955fc 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.81 2002/01/11 13:39:36 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.82 2002/01/13 17:57:37 markus Exp $");
 #include <openssl/evp.h>
@@ -588,31 +588,22 @@ static char *
 authmethods_get(void)
 {
        Authmethod *method = NULL;
-        u_int size = 0;
+        Buffer b;
        char *list;
+        buffer_init(&b);
        for (method = authmethods; method->name != NULL; method++) {
                if (strcmp(method->name, "none") == 0)
                        continue;
                if (method->enabled != NULL && *(method->enabled) != 0) {
-                        if (size != 0)
+                        if (buffer_len(&b) > 0)
-                                size += strlen(DELIM);
+                                buffer_append(&b, ",", 1);
-                        size += strlen(method->name);
+                        buffer_append(&b, method->name, strlen(method->name));
-                }
-        }
-        size++;                 /* trailing '\0' */
-        list = xmalloc(size);
-        list[0] = '\0';
-        for (method = authmethods; method->name != NULL; method++) {
-                if (strcmp(method->name, "none") == 0)
-                        continue;
-                if (method->enabled != NULL && *(method->enabled) != 0) {
-                        if (list[0] != '\0')
-                                strlcat(list, DELIM, size);
-                        strlcat(list, method->name, size);
                }
        }
+        buffer_append(&b, "\0", 1);
+        list = xstrdup(buffer_ptr(&b));
+        buffer_free(&b);
        return list;
 }
diff --git a/compat.c b/compat.c
index 3f8d1c041..6a9ba4653 100644
--- a/compat.c
+++ b/compat.c
@@ -23,8 +23,9 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.56 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: compat.c,v 1.57 2002/01/13 17:57:37 markus Exp $");
+#include "buffer.h"
 #include "packet.h"
 #include "xmalloc.h"
 #include "compat.h"
@@ -182,24 +183,25 @@ proto_spec(const char *spec)
 char *
 compat_cipher_proposal(char *cipher_prop)
 {
+        Buffer b;
        char *orig_prop, *fix_ciphers;
        char *cp, *tmp;
-        size_t len;
        if (!(datafellows & SSH_BUG_BIGENDIANAES))
                return(cipher_prop);
-        len = strlen(cipher_prop) + 1;
+        buffer_init(&b);
-        fix_ciphers = xmalloc(len);
-        *fix_ciphers = '\0';
        tmp = orig_prop = xstrdup(cipher_prop);
        while ((cp = strsep(&tmp, ",")) != NULL) {
                if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {
-                        if (*fix_ciphers)
+                        if (buffer_len(&b) > 0)
-                                strlcat(fix_ciphers, ",", len);
+                                buffer_append(&b, ",", 1);
-                        strlcat(fix_ciphers, cp, len);
+                        buffer_append(&b, cp, strlen(cp));
                }
        }
+        buffer_append(&b, "\0", 1);
+        fix_ciphers = xstrdup(buffer_ptr(&b));
+        buffer_free(&b);
        xfree(orig_prop);
        debug2("Original cipher proposal: %s", cipher_prop);
        debug2("Compat cipher proposal: %s", fix_ciphers);
diff --git a/sshconnect2.c b/sshconnect2.c
index a565f73cc..3e5ca7ad1 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.92 2001/12/28 15:06:00 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.93 2002/01/13 17:57:37 markus Exp $");
 #include <openssl/bn.h>
 #include <openssl/md5.h>
@@ -991,22 +991,23 @@ authmethod_get(char *authlist)
        }
 }
-#define DELIM   ","
 static char *
 authmethods_get(void)
 {
        Authmethod *method = NULL;
-        char buf[1024];
+        Buffer b;
+        char *list;
-        buf[0] = '\0';
+        buffer_init(&b);
        for (method = authmethods; method->name != NULL; method++) {
                if (authmethod_is_enabled(method)) {
-                        if (buf[0] != '\0')
+                        if (buffer_len(&b) > 0)
-                                strlcat(buf, DELIM, sizeof buf);
+                                buffer_append(&b, ",", 1);
-                        strlcat(buf, method->name, sizeof buf);
+                        buffer_append(&b, method->name, strlen(method->name));
                }
        }
-        return xstrdup(buf);
+        buffer_append(&b, "\0", 1);
+        list = xstrdup(buffer_ptr(&b));
+        buffer_free(&b);
+        return list;
 }
diff --git a/sshd.c b/sshd.c
index d86e683b1..2ecf18cde 100644
--- a/sshd.c
+++ b/sshd.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.222 2001/12/28 14:50:54 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.223 2002/01/13 17:57:37 markus Exp $");
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -480,9 +480,11 @@ destroy_sensitive_data(void)
 static char *
 list_hostkey_types(void)
 {
-        static char buf[1024];
+        Buffer b;
+        char *p;
        int i;
-        buf[0] = '\0';
+        buffer_init(&b);
        for (i = 0; i < options.num_host_key_files; i++) {
                Key *key = sensitive_data.host_keys[i];
                if (key == NULL)
@@ -490,16 +492,18 @@ list_hostkey_types(void)
                switch (key->type) {
                case KEY_RSA:
                case KEY_DSA:
-                        strlcat(buf, key_ssh_name(key), sizeof buf);
+                        if (buffer_len(&b) > 0)
-                        strlcat(buf, ",", sizeof buf);
+                                buffer_append(&b, ",", 1);
+                        p = key_ssh_name(key);
+                        buffer_append(&b, p, strlen(p));
                        break;
                }
        }
-        i = strlen(buf);
+        buffer_append(&b, "\0", 1);
-        if (i > 0 && buf[i-1] == ',')
+        p = xstrdup(buffer_ptr(&b));
-                buf[i-1] = '\0';
+        buffer_free(&b);
-        debug("list_hostkey_types: %s", buf);
+        debug("list_hostkey_types: %s", p);
-        return buf;
+        return p;
 }
 static Key *

diff --git a/ChangeLog b/ChangeLog index a07bd21c6..e688d4f02 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -155,6 +155,10 @@
155	- provos@cvs.openbsd.org 2002/01/13 17:27:07	155	- provos@cvs.openbsd.org 2002/01/13 17:27:07
156	[ssh-agent.c]	156	[ssh-agent.c]
157	change to use queue.h macros; okay markus@	157	change to use queue.h macros; okay markus@
		158	- markus@cvs.openbsd.org 2002/01/13 17:57:37
		159	[auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
		160	use buffer API and avoid static strings of fixed size;
		161	ok provos@/mouring@
158		162
159		163
160	20020121	164	20020121
@@ -7303,4 +7307,4 @@
7303	- Wrote replacements for strlcpy and mkdtemp	7307	- Wrote replacements for strlcpy and mkdtemp
7304	- Released 1.0pre1	7308	- Released 1.0pre1
7305		7309
7306	$Id: ChangeLog,v 1.1767 2002/01/22 12:26:13 djm Exp $	7310	$Id: ChangeLog,v 1.1768 2002/01/22 12:26:38 djm Exp $


diff --git a/auth2-chall.c b/auth2-chall.c index a1f96392e..9f1d93275 100644 --- a/auth2-chall.c +++ b/auth2-chall.c
@@ -23,10 +23,11 @@
23	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	23	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24	*/	24	*/
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2-chall.c,v 1.15 2002/01/11 23:02:51 markus Exp $");	26	RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $");
27		27
28	#include "ssh2.h"	28	#include "ssh2.h"
29	#include "auth.h"	29	#include "auth.h"
		30	#include "buffer.h"
30	#include "packet.h"	31	#include "packet.h"
31	#include "xmalloc.h"	32	#include "xmalloc.h"
32	#include "dispatch.h"	33	#include "dispatch.h"
@@ -68,22 +69,25 @@ static KbdintAuthctxt *
68	kbdint_alloc(const char *devs)	69	kbdint_alloc(const char *devs)
69	{	70	{
70	KbdintAuthctxt *kbdintctxt;	71	KbdintAuthctxt *kbdintctxt;
		72	Buffer b;
71	int i;	73	int i;
72	char buf[1024];
73		74
74	kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));	75	kbdintctxt = xmalloc(sizeof(KbdintAuthctxt));
75	if (strcmp(devs, "") == 0) {	76	if (strcmp(devs, "") == 0) {
76	buf[0] = '\0';	77	buffer_init(&b);
77	for (i = 0; devices[i]; i++) {	78	for (i = 0; devices[i]; i++) {
78	if (i != 0)	79	if (buffer_len(&b) > 0)
79	strlcat(buf, ",", sizeof(buf));	80	buffer_append(&b, ",", 1);
80	strlcat(buf, devices[i]->name, sizeof(buf));	81	buffer_append(&b, devices[i]->name,
		82	strlen(devices[i]->name));
81	}	83	}
82	debug("kbdint_alloc: devices '%s'", buf);	84	buffer_append(&b, "\0", 1);
83	kbdintctxt->devices = xstrdup(buf);	85	kbdintctxt->devices = xstrdup(buffer_ptr(&b));
		86	buffer_free(&b);
84	} else {	87	} else {
85	kbdintctxt->devices = xstrdup(devs);	88	kbdintctxt->devices = xstrdup(devs);
86	}	89	}
		90	debug("kbdint_alloc: devices '%s'", kbdintctxt->devices);
87	kbdintctxt->ctxt = NULL;	91	kbdintctxt->ctxt = NULL;
88	kbdintctxt->device = NULL;	92	kbdintctxt->device = NULL;
89		93


diff --git a/auth2.c b/auth2.c index dc35a55f4..431f955fc 100644 --- a/auth2.c +++ b/auth2.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: auth2.c,v 1.81 2002/01/11 13:39:36 markus Exp $");	26	RCSID("$OpenBSD: auth2.c,v 1.82 2002/01/13 17:57:37 markus Exp $");
27		27
28	#include <openssl/evp.h>	28	#include <openssl/evp.h>
29		29
@@ -588,31 +588,22 @@ static char *
588	authmethods_get(void)	588	authmethods_get(void)
589	{	589	{
590	Authmethod *method = NULL;	590	Authmethod *method = NULL;
591	u_int size = 0;	591	Buffer b;
592	char *list;	592	char *list;
593		593
		594	buffer_init(&b);
594	for (method = authmethods; method->name != NULL; method++) {	595	for (method = authmethods; method->name != NULL; method++) {
595	if (strcmp(method->name, "none") == 0)	596	if (strcmp(method->name, "none") == 0)
596	continue;	597	continue;
597	if (method->enabled != NULL && *(method->enabled) != 0) {	598	if (method->enabled != NULL && *(method->enabled) != 0) {
598	if (size != 0)	599	if (buffer_len(&b) > 0)
599	size += strlen(DELIM);	600	buffer_append(&b, ",", 1);
600	size += strlen(method->name);	601	buffer_append(&b, method->name, strlen(method->name));
601	}
602	}
603	size++; /* trailing '\0' */
604	list = xmalloc(size);
605	list[0] = '\0';
606
607	for (method = authmethods; method->name != NULL; method++) {
608	if (strcmp(method->name, "none") == 0)
609	continue;
610	if (method->enabled != NULL && *(method->enabled) != 0) {
611	if (list[0] != '\0')
612	strlcat(list, DELIM, size);
613	strlcat(list, method->name, size);
614	}	602	}
615	}	603	}
		604	buffer_append(&b, "\0", 1);
		605	list = xstrdup(buffer_ptr(&b));
		606	buffer_free(&b);
616	return list;	607	return list;
617	}	608	}
618		609


diff --git a/compat.c b/compat.c index 3f8d1c041..6a9ba4653 100644 --- a/compat.c +++ b/compat.c
@@ -23,8 +23,9 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: compat.c,v 1.56 2001/12/19 07:18:56 deraadt Exp $");	26	RCSID("$OpenBSD: compat.c,v 1.57 2002/01/13 17:57:37 markus Exp $");
27		27
		28	#include "buffer.h"
28	#include "packet.h"	29	#include "packet.h"
29	#include "xmalloc.h"	30	#include "xmalloc.h"
30	#include "compat.h"	31	#include "compat.h"
@@ -182,24 +183,25 @@ proto_spec(const char *spec)
182	char *	183	char *
183	compat_cipher_proposal(char *cipher_prop)	184	compat_cipher_proposal(char *cipher_prop)
184	{	185	{
		186	Buffer b;
185	char orig_prop, fix_ciphers;	187	char orig_prop, fix_ciphers;
186	char cp, tmp;	188	char cp, tmp;
187	size_t len;
188		189
189	if (!(datafellows & SSH_BUG_BIGENDIANAES))	190	if (!(datafellows & SSH_BUG_BIGENDIANAES))
190	return(cipher_prop);	191	return(cipher_prop);
191		192
192	len = strlen(cipher_prop) + 1;	193	buffer_init(&b);
193	fix_ciphers = xmalloc(len);
194	*fix_ciphers = '\0';
195	tmp = orig_prop = xstrdup(cipher_prop);	194	tmp = orig_prop = xstrdup(cipher_prop);
196	while ((cp = strsep(&tmp, ",")) != NULL) {	195	while ((cp = strsep(&tmp, ",")) != NULL) {
197	if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {	196	if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) {
198	if (*fix_ciphers)	197	if (buffer_len(&b) > 0)
199	strlcat(fix_ciphers, ",", len);	198	buffer_append(&b, ",", 1);
200	strlcat(fix_ciphers, cp, len);	199	buffer_append(&b, cp, strlen(cp));
201	}	200	}
202	}	201	}
		202	buffer_append(&b, "\0", 1);
		203	fix_ciphers = xstrdup(buffer_ptr(&b));
		204	buffer_free(&b);
203	xfree(orig_prop);	205	xfree(orig_prop);
204	debug2("Original cipher proposal: %s", cipher_prop);	206	debug2("Original cipher proposal: %s", cipher_prop);
205	debug2("Compat cipher proposal: %s", fix_ciphers);	207	debug2("Compat cipher proposal: %s", fix_ciphers);


diff --git a/sshconnect2.c b/sshconnect2.c index a565f73cc..3e5ca7ad1 100644 --- a/sshconnect2.c +++ b/sshconnect2.c
@@ -23,7 +23,7 @@
23	*/	23	*/
24		24
25	#include "includes.h"	25	#include "includes.h"
26	RCSID("$OpenBSD: sshconnect2.c,v 1.92 2001/12/28 15:06:00 markus Exp $");	26	RCSID("$OpenBSD: sshconnect2.c,v 1.93 2002/01/13 17:57:37 markus Exp $");
27		27
28	#include <openssl/bn.h>	28	#include <openssl/bn.h>
29	#include <openssl/md5.h>	29	#include <openssl/md5.h>
@@ -991,22 +991,23 @@ authmethod_get(char *authlist)
991	}	991	}
992	}	992	}
993		993
994
995	#define DELIM ","
996
997	static char *	994	static char *
998	authmethods_get(void)	995	authmethods_get(void)
999	{	996	{
1000	Authmethod *method = NULL;	997	Authmethod *method = NULL;
1001	char buf[1024];	998	Buffer b;
		999	char *list;
1002		1000
1003	buf[0] = '\0';	1001	buffer_init(&b);
1004	for (method = authmethods; method->name != NULL; method++) {	1002	for (method = authmethods; method->name != NULL; method++) {
1005	if (authmethod_is_enabled(method)) {	1003	if (authmethod_is_enabled(method)) {
1006	if (buf[0] != '\0')	1004	if (buffer_len(&b) > 0)
1007	strlcat(buf, DELIM, sizeof buf);	1005	buffer_append(&b, ",", 1);
1008	strlcat(buf, method->name, sizeof buf);	1006	buffer_append(&b, method->name, strlen(method->name));
1009	}	1007	}
1010	}	1008	}
1011	return xstrdup(buf);	1009	buffer_append(&b, "\0", 1);
		1010	list = xstrdup(buffer_ptr(&b));
		1011	buffer_free(&b);
		1012	return list;
1012	}	1013	}


diff --git a/sshd.c b/sshd.c index d86e683b1..2ecf18cde 100644 --- a/sshd.c +++ b/sshd.c
@@ -40,7 +40,7 @@
40	*/	40	*/
41		41
42	#include "includes.h"	42	#include "includes.h"
43	RCSID("$OpenBSD: sshd.c,v 1.222 2001/12/28 14:50:54 markus Exp $");	43	RCSID("$OpenBSD: sshd.c,v 1.223 2002/01/13 17:57:37 markus Exp $");
44		44
45	#include <openssl/dh.h>	45	#include <openssl/dh.h>
46	#include <openssl/bn.h>	46	#include <openssl/bn.h>
@@ -480,9 +480,11 @@ destroy_sensitive_data(void)
480	static char *	480	static char *
481	list_hostkey_types(void)	481	list_hostkey_types(void)
482	{	482	{
483	static char buf[1024];	483	Buffer b;
		484	char *p;
484	int i;	485	int i;
485	buf[0] = '\0';	486
		487	buffer_init(&b);
486	for (i = 0; i < options.num_host_key_files; i++) {	488	for (i = 0; i < options.num_host_key_files; i++) {
487	Key *key = sensitive_data.host_keys[i];	489	Key *key = sensitive_data.host_keys[i];
488	if (key == NULL)	490	if (key == NULL)
@@ -490,16 +492,18 @@ list_hostkey_types(void)
490	switch (key->type) {	492	switch (key->type) {
491	case KEY_RSA:	493	case KEY_RSA:
492	case KEY_DSA:	494	case KEY_DSA:
493	strlcat(buf, key_ssh_name(key), sizeof buf);	495	if (buffer_len(&b) > 0)
494	strlcat(buf, ",", sizeof buf);	496	buffer_append(&b, ",", 1);
		497	p = key_ssh_name(key);
		498	buffer_append(&b, p, strlen(p));
495	break;	499	break;
496	}	500	}
497	}	501	}
498	i = strlen(buf);	502	buffer_append(&b, "\0", 1);
499	if (i > 0 && buf[i-1] == ',')	503	p = xstrdup(buffer_ptr(&b));
500	buf[i-1] = '\0';	504	buffer_free(&b);
501	debug("list_hostkey_types: %s", buf);	505	debug("list_hostkey_types: %s", p);
502	return buf;	506	return p;
503	}	507	}
504		508
505	static Key *	509	static Key *