Diffstat (limited to 'clientloop.c')
-rw-r--r--clientloop.c43
1 files changed, 28 insertions, 15 deletions
diff --git a/clientloop.c b/clientloop.c
index e69c5141f..1464634b0 100644
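--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.317 2018/07/11 18:53:29 markus Exp $ */
+/* $OpenBSD: clientloop.c,v 1.318 2018/09/21 12:46:22 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -283,7 +283,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
  const char *xauth_path, u_int trusted, u_int timeout,
  char **_proto, char **_data)
 {
- char cmd[1024], line[512], xdisplay[512];
+ char *cmd, line[512], xdisplay[512];
  char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
  static char proto[512], data[512];
  FILE *f;
@@ -347,19 +347,30 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
  return -1;
  }
 
- if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK)
- x11_timeout_real = UINT_MAX;
- else
- x11_timeout_real = timeout + X11_TIMEOUT_SLACK;
- if ((r = snprintf(cmd, sizeof(cmd),
- "%s -f %s generate %s " SSH_X11_PROTO
- " untrusted timeout %u 2>" _PATH_DEVNULL,
- xauth_path, xauthfile, display,
- x11_timeout_real)) < 0 ||
- (size_t)r >= sizeof(cmd))
- fatal("%s: cmd too long", __func__);
+ if (timeout == 0) {
+ /* auth doesn't time out */
+ xasprintf(&cmd, "%s -f %s generate %s %s "
+ "untrusted 2>%s",
+ xauth_path, xauthfile, display,
+ SSH_X11_PROTO, _PATH_DEVNULL);
+ } else {
+ /* Add some slack to requested expiry */
+ if (timeout < UINT_MAX - X11_TIMEOUT_SLACK)
+ x11_timeout_real = timeout +
+ X11_TIMEOUT_SLACK;
+ else {
+ /* Don't overflow on long timeouts */
+ x11_timeout_real = UINT_MAX;
+ }
+ xasprintf(&cmd, "%s -f %s generate %s %s "
+ "untrusted timeout %u 2>%s",
+ xauth_path, xauthfile, display,
+ SSH_X11_PROTO, x11_timeout_real,
+ _PATH_DEVNULL);
+ }
  debug2("%s: %s", __func__, cmd);
- if (x11_refuse_time == 0) {
+
+ if (timeout != 0 && x11_refuse_time == 0) {
  now = monotime() + 1;
  if (UINT_MAX - timeout < now)
  x11_refuse_time = UINT_MAX;
@@ -370,6 +381,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
  }
  if (system(cmd) == 0)
  generated = 1;
+ free(cmd);
  }
 
  /*
@@ -378,7 +390,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
  * above.
  */
  if (trusted || generated) {
- snprintf(cmd, sizeof(cmd),
+ xasprintf(&cmd,
  "%s %s%s list %s 2>" _PATH_DEVNULL,
  xauth_path,
  generated ? "-f " : "" ,
@@ -391,6 +403,7 @@ client_x11_get_proto(struct ssh *ssh, const char *display,
  got_data = 1;
  if (f)
  pclose(f);
+ free(cmd);
  }
  }
 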
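Review bot: The `xasprintf` calls that now build `cmd` in client_x11_get_proto still place `xauth_path`, `xauthfile` and `display` unquoted into a line handed to `system()` (and, in the `list` branch, presumably to `popen()`, whose call is outside the hunks). Replacing `char cmd[1024]` with a heap string also drops the length ceiling that the old `fatal("%s: cmd too long", ...)` check imposed on the generate command. Any validation of `display` and `xauth_path` is outside the visible hunks; if it exists, record the dependency above the first `xasprintf` with a comment such as `/* relies on display and xauth_path having been validated earlier: they reach the shell unquoted */`, and if it does not, this is where the check is needed. The new `timeout != 0 &&` guard also leaves `x11_refuse_time` untouched when no timeout is requested, and what that value means to the code that refuses connections is defined outside the hunks, so a one-line comment at that `if` would help. The function body begins before and continues past these hunks.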