1 files changed, 5 insertions, 72 deletions
diff --git a/auth-options.c b/auth-options.c
index b05d6d6f3..90b0d7f25 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.84 2018/10/03 06:38:35 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.89 2019/09/13 04:36:43 dtucker Exp $ */
 /*
 * Copyright (c) 2018 Damien Miller <djm@mindrot.org>
 *
@@ -19,6 +19,7 @@
 #include <sys/types.h>
+#include <stdlib.h>
 #include <netdb.h>
 #include <pwd.h>
 #include <string.h>
@@ -39,75 +40,6 @@
 #include "ssh2.h"
 #include "auth-options.h"
-/*
- * Match flag 'opt' in *optsp, and if allow_negate is set then also match
- * 'no-opt'. Returns -1 if option not matched, 1 if option matches or 0
- * if negated option matches.
- * If the option or negated option matches, then *optsp is updated to
- * point to the first character after the option.
- */
-static int
-opt_flag(const char *opt, int allow_negate, const char **optsp)
-{
-        size_t opt_len = strlen(opt);
-        const char *opts = *optsp;
-        int negate = 0;
-        if (allow_negate && strncasecmp(opts, "no-", 3) == 0) {
-                opts += 3;
-                negate = 1;
-        }
-        if (strncasecmp(opts, opt, opt_len) == 0) {
-                *optsp = opts + opt_len;
-                return negate ? 0 : 1;
-        }
-        return -1;
-}
-static char *
-opt_dequote(const char **sp, const char **errstrp)
-{
-        const char *s = *sp;
-        char *ret;
-        size_t i;
-        *errstrp = NULL;
-        if (*s != '"') {
-                *errstrp = "missing start quote";
-                return NULL;
-        }
-        s++;
-        if ((ret = malloc(strlen((s)) + 1)) == NULL) {
-                *errstrp = "memory allocation failed";
-                return NULL;
-        }
-        for (i = 0; *s != '\0' && *s != '"';) {
-                if (s[0] == '\\' && s[1] == '"')
-                        s++;
-                ret[i++] = *s++;
-        }
-        if (*s == '\0') {
-                *errstrp = "missing end quote";
-                free(ret);
-                return NULL;
-        }
-        ret[i] = '\0';
-        s++;
-        *sp = s;
-        return ret;
-}
-static int
-opt_match(const char **opts, const char *term)
-{
-        if (strncasecmp((*opts), term, strlen(term)) == 0 &&
-            (*opts)[strlen(term)] == '=') {
-                *opts += strlen(term) + 1;
-                return 1;
-        }
-        return 0;
-}
 static int
 dup_strings(char ***dstp, size_t *ndstp, char **src, size_t nsrc)
 {
@@ -320,7 +252,7 @@ handle_permit(const char **optsp, int allow_bare_port,
        size_t npermits = *npermitsp;
        const char *errstr = "unknown error";
-        if (npermits > INT_MAX) {
+        if (npermits > SSH_AUTHOPT_PERMIT_MAX) {
                *errstrp = "too many permission directives";
                return -1;
        }
@@ -332,7 +264,8 @@ handle_permit(const char **optsp, int allow_bare_port,
                 * Allow a bare port number in permitlisten to indicate a
                 * listen_host wildcard.
                 */
-                if (asprintf(&tmp, "*:%s", opt) < 0) {
+                if (asprintf(&tmp, "*:%s", opt) == -1) {
+                        free(opt);
                        *errstrp = "memory allocation failed";
                        return -1;
                }

diff --git a/auth-options.c b/auth-options.c index b05d6d6f3..90b0d7f25 100644 --- a/auth-options.c +++ b/auth-options.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth-options.c,v 1.84 2018/10/03 06:38:35 djm Exp $ */	1	/* $OpenBSD: auth-options.c,v 1.89 2019/09/13 04:36:43 dtucker Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018 Damien Miller <djm@mindrot.org>	3	* Copyright (c) 2018 Damien Miller <djm@mindrot.org>
4	*	4	*
@@ -19,6 +19,7 @@
19		19
20	#include <sys/types.h>	20	#include <sys/types.h>
21		21
		22	#include <stdlib.h>
22	#include <netdb.h>	23	#include <netdb.h>
23	#include <pwd.h>	24	#include <pwd.h>
24	#include <string.h>	25	#include <string.h>
@@ -39,75 +40,6 @@
39	#include "ssh2.h"	40	#include "ssh2.h"
40	#include "auth-options.h"	41	#include "auth-options.h"
41		42
42	/*
43	* Match flag 'opt' in *optsp, and if allow_negate is set then also match
44	* 'no-opt'. Returns -1 if option not matched, 1 if option matches or 0
45	* if negated option matches.
46	* If the option or negated option matches, then *optsp is updated to
47	* point to the first character after the option.
48	*/
49	static int
50	opt_flag(const char opt, int allow_negate, const char *optsp)
51	{
52	size_t opt_len = strlen(opt);
53	const char opts = optsp;
54	int negate = 0;
55
56	if (allow_negate && strncasecmp(opts, "no-", 3) == 0) {
57	opts += 3;
58	negate = 1;
59	}
60	if (strncasecmp(opts, opt, opt_len) == 0) {
61	*optsp = opts + opt_len;
62	return negate ? 0 : 1;
63	}
64	return -1;
65	}
66
67	static char *
68	opt_dequote(const char sp, const char errstrp)
69	{
70	const char s = sp;
71	char *ret;
72	size_t i;
73
74	*errstrp = NULL;
75	if (*s != '"') {
76	*errstrp = "missing start quote";
77	return NULL;
78	}
79	s++;
80	if ((ret = malloc(strlen((s)) + 1)) == NULL) {
81	*errstrp = "memory allocation failed";
82	return NULL;
83	}
84	for (i = 0; s != '\0' && s != '"';) {
85	if (s[0] == '\\' && s[1] == '"')
86	s++;
87	ret[i++] = *s++;
88	}
89	if (*s == '\0') {
90	*errstrp = "missing end quote";
91	free(ret);
92	return NULL;
93	}
94	ret[i] = '\0';
95	s++;
96	*sp = s;
97	return ret;
98	}
99
100	static int
101	opt_match(const char *opts, const char term)
102	{
103	if (strncasecmp((*opts), term, strlen(term)) == 0 &&
104	(*opts)[strlen(term)] == '=') {
105	*opts += strlen(term) + 1;
106	return 1;
107	}
108	return 0;
109	}
110
111	static int	43	static int
112	dup_strings(char **dstp, size_t ndstp, char **src, size_t nsrc)	44	dup_strings(char **dstp, size_t ndstp, char **src, size_t nsrc)
113	{	45	{
@@ -320,7 +252,7 @@ handle_permit(const char **optsp, int allow_bare_port,
320	size_t npermits = *npermitsp;	252	size_t npermits = *npermitsp;
321	const char *errstr = "unknown error";	253	const char *errstr = "unknown error";
322		254
323	if (npermits > INT_MAX) {	255	if (npermits > SSH_AUTHOPT_PERMIT_MAX) {
324	*errstrp = "too many permission directives";	256	*errstrp = "too many permission directives";
325	return -1;	257	return -1;
326	}	258	}
@@ -332,7 +264,8 @@ handle_permit(const char **optsp, int allow_bare_port,
332	* Allow a bare port number in permitlisten to indicate a	264	* Allow a bare port number in permitlisten to indicate a
333	* listen_host wildcard.	265	* listen_host wildcard.
334	*/	266	*/
335	if (asprintf(&tmp, "*:%s", opt) < 0) {	267	if (asprintf(&tmp, "*:%s", opt) == -1) {
		268	free(opt);
336	*errstrp = "memory allocation failed";	269	*errstrp = "memory allocation failed";
337	return -1;	270	return -1;
338	}	271	}