From 61b8ef6a66efaec07e023342cb94a10bdc2254dc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 10 Mar 2017 04:27:32 +0000 Subject: upstream commit better match sshd config parser behaviour: fatal() if line is overlong, increase line buffer to match sshd's; bz#2651 reported by Don Fong; ok dtucker@ Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18 --- readconf.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/readconf.c b/readconf.c index c62c2eaba..9d59493f0 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.269 2017/03/10 03:24:48 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.270 2017/03/10 04:27:32 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1720,7 +1720,7 @@ read_config_file_depth(const char *filename, struct passwd *pw, int flags, int *activep, int depth) { FILE *f; - char line[1024]; + char line[4096]; int linenum; int bad_options = 0; @@ -1750,6 +1750,8 @@ read_config_file_depth(const char *filename, struct passwd *pw, while (fgets(line, sizeof(line), f)) { /* Update line number counter. */ linenum++; + if (strlen(line) == sizeof(line) - 1) + fatal("%s line %d too long", filename, linenum); if (process_config_line_depth(options, pw, host, original_host, line, filename, linenum, activep, flags, depth) != 0) bad_options++; -- cgit v1.2.3