2 files changed, 11 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 33abee3b8..360cf61b3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,11 @@
    - dtucker@cvs.openbsd.org 2006/04/02 08:34:52
      [ssh-keysign.c]
      sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
+   - djm@cvs.openbsd.org 2006/04/03 07:10:38
+     [gss-genr.c]
+     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
+     by dleonard AT vintela.com. use xasprintf() to simplify code while in
+     there; "looks right" deraadt@
 
 20060421
  - (djm) [Makefile.in configure.ac session.c sshpty.c]
@@ -4523,4 +4528,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4305 2006/04/23 02:05:32 djm Exp $
+$Id: ChangeLog,v 1.4306 2006/04/23 02:05:46 djm Exp $
diff --git a/gss-genr.c b/gss-genr.c
index 4c10f1aab..3d630ab82 100644
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-genr.c,v 1.9 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.10 2006/04/03 07:10:38 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -205,10 +205,11 @@ OM_uint32
 ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
 {
         gss_buffer_desc gssbuf;
+        char *val;
 
-        gssbuf.length = sizeof("host@") + strlen(host);
-        gssbuf.value = xmalloc(gssbuf.length);
-        snprintf(gssbuf.value, gssbuf.length, "host@%s", host);
+        xasprintf(&val, "host@%s", host);
+        gssbuf.value = val;
+        gssbuf.length = strlen(gssbuf.value);
 
         if ((ctx->major = gss_import_name(&ctx->minor,
             &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))