diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2019-01-24 03:34:52 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2019-01-24 04:36:44 +0100 |
| commit | 281ce042579b834cdc1e74314f1fb2eeb75d2612 (patch) | |
| tree | 5eb0e7448cf3cef7dd4a04ecb9be233099037201 /servconf.c | |
| parent | upstream: Remove support for obsolete host/port syntax. (diff) | |
| download | openssh-281ce042579b834cdc1e74314f1fb2eeb75d2612.tar.xz openssh-281ce042579b834cdc1e74314f1fb2eeb75d2612.zip | |
upstream: Always initialize 2nd arg to hpdelim2. It populates that
*ONLY IF* there's a delimiter. If there's not (the common case) it checked
uninitialized memory, which usually passed, but if not would cause spurious
failures when the uninitialized memory happens to contain "/". ok deraadt.
OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3
Diffstat (limited to '')
| -rw-r--r-- | servconf.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/servconf.c b/servconf.c index 1562bd875..d9680aba1 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.347 2019/01/23 21:50:56 dtucker Exp $ */ +/* $OpenBSD: servconf.c,v 1.348 2019/01/24 02:34:52 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -896,6 +896,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, /* Otherwise treat it as a list of permitted host:port */ for (i = 0; i < num_opens; i++) { oarg = arg = xstrdup(opens[i]); + ch = '\0'; host = hpdelim2(&arg, &ch); if (host == NULL || ch == '/') fatal("%s: missing host in %s", __func__, what); @@ -1214,7 +1215,7 @@ process_server_config_line(ServerOptions *options, char *line, const char *filename, int linenum, int *activep, struct connection_info *connectinfo) { - char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p; + char ch, *cp, ***chararrayptr, **charptr, *arg, *arg2, *p; int cmdline = 0, *intptr, value, value2, n, port; SyslogFacility *log_facility_ptr; LogLevel *log_level_ptr; @@ -1314,8 +1315,8 @@ process_server_config_line(ServerOptions *options, char *line, port = 0; p = arg; } else { - char ch; arg2 = NULL; + ch = '\0'; p = hpdelim2(&arg, &ch); if (p == NULL || ch == '/') fatal("%s line %d: bad address:port usage", @@ -1944,9 +1945,8 @@ process_server_config_line(ServerOptions *options, char *line, */ xasprintf(&arg2, "*:%s", arg); } else { - char ch; - arg2 = xstrdup(arg); + ch = '\0'; p = hpdelim2(&arg, &ch); if (p == NULL || ch == '/') { fatal("%s line %d: missing host in %s", |