From 1a31d02b2411c4718de58ce796dbb7b5e14db93e Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Mon, 2 May 2016 08:49:03 +0000
Subject: upstream commit

fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
---
 ssh-agent.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

(limited to 'ssh-agent.c')

diff --git a/ssh-agent.c b/ssh-agent.c
index c38906d94..8aa25b30d 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.213 2016/05/02 08:49:03 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -144,8 +144,8 @@ char socket_dir[PATH_MAX];
 #define LOCK_SALT_SIZE	16
 #define LOCK_ROUNDS	1
 int locked = 0;
-char lock_passwd[LOCK_SIZE];
-char lock_salt[LOCK_SALT_SIZE];
+u_char lock_pwhash[LOCK_SIZE];
+u_char lock_salt[LOCK_SALT_SIZE];
 
 extern char *__progname;
 
@@ -677,7 +677,8 @@ static void
 process_lock_agent(SocketEntry *e, int lock)
 {
 	int r, success = 0, delay;
-	char *passwd, passwdhash[LOCK_SIZE];
+	char *passwd;
+	u_char passwdhash[LOCK_SIZE];
 	static u_int fail_count = 0;
 	size_t pwlen;
 
@@ -689,11 +690,11 @@ process_lock_agent(SocketEntry *e, int lock)
 		if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
 		    passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0)
 			fatal("bcrypt_pbkdf");
-		if (timingsafe_bcmp(passwdhash, lock_passwd, LOCK_SIZE) == 0) {
+		if (timingsafe_bcmp(passwdhash, lock_pwhash, LOCK_SIZE) == 0) {
 			debug("agent unlocked");
 			locked = 0;
 			fail_count = 0;
-			explicit_bzero(lock_passwd, sizeof(lock_passwd));
+			explicit_bzero(lock_pwhash, sizeof(lock_pwhash));
 			success = 1;
 		} else {
 			/* delay in 0.1s increments up to 10s */
@@ -710,7 +711,7 @@ process_lock_agent(SocketEntry *e, int lock)
 		locked = 1;
 		arc4random_buf(lock_salt, sizeof(lock_salt));
 		if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
-		    lock_passwd, sizeof(lock_passwd), LOCK_ROUNDS) < 0)
+		    lock_pwhash, sizeof(lock_pwhash), LOCK_ROUNDS) < 0)
 			fatal("bcrypt_pbkdf");
 		success = 1;
 	}
-- 
cgit v1.2.3