From 3ca8b7717933e28b8bd896aab1738e937e1a3117 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 5 Jan 2007 16:24:47 +1100
Subject:    - ray@cvs.openbsd.org 2006/11/23 01:35:11      [misc.c sftp.c]    
  Don't access buf[strlen(buf) - 1] for zero-length strings.      ``ok by me''
 djm@.

---
 ChangeLog | 6 +++++-
 misc.c    | 4 +++-
 sftp.c    | 6 +++---
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index cd1c913f3..e9ac1c55b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,10 @@
    - deraadt@cvs.openbsd.org 2006/11/14 19:41:04
      [ssh-keygen.c]
      use argc and argv not some made up short form
+   - ray@cvs.openbsd.org 2006/11/23 01:35:11
+     [misc.c sftp.c]
+     Don't access buf[strlen(buf) - 1] for zero-length strings.
+     ``ok by me'' djm@.
 
 20061205
  - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would
@@ -2623,4 +2627,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4592 2007/01/05 05:22:57 djm Exp $
+$Id: ChangeLog,v 1.4593 2007/01/05 05:24:47 djm Exp $
diff --git a/misc.c b/misc.c
index 78bca2fae..625a34368 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: misc.c,v 1.65 2006/11/23 01:35:11 ray Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -616,6 +616,8 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
    u_long *lineno)
 {
 	while (fgets(buf, bufsz, f) != NULL) {
+		if (buf[0] == '\0')
+			continue;
 		(*lineno)++;
 		if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
 			return 0;
diff --git a/sftp.c b/sftp.c
index a39c782f7..990b0cbbd 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.93 2006/09/30 17:48:22 ray Exp $ */
+/* $OpenBSD: sftp.c,v 1.94 2006/11/23 01:35:11 ray Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -298,11 +298,11 @@ static char *
 path_append(char *p1, char *p2)
 {
 	char *ret;
-	int len = strlen(p1) + strlen(p2) + 2;
+	size_t len = strlen(p1) + strlen(p2) + 2;
 
 	ret = xmalloc(len);
 	strlcpy(ret, p1, len);
-	if (p1[strlen(p1) - 1] != '/')
+	if (p1[0] != '\0' && p1[strlen(p1) - 1] != '/')
 		strlcat(ret, "/", len);
 	strlcat(ret, p2, len);
 
-- 
cgit v1.2.3