diff options
| author | Damien Miller <djm@mindrot.org> | 2005-05-26 04:07:32 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2005-05-26 04:07:32 +0200 |
| commit | 41bfc29ea5416ea0a389635291bcf388d4bdc225 (patch) | |
| tree | 85eef9ee1416ca8dea07815847d77197038f212c /ssh-keyscan.c | |
| parent | - jakob@cvs.openbsd.org 2005/04/26 13:08:37 (diff) | |
| download | openssh-41bfc29ea5416ea0a389635291bcf388d4bdc225.tar.xz openssh-41bfc29ea5416ea0a389635291bcf388d4bdc225.zip | |
- moritz@cvs.openbsd.org 2005/04/28 10:17:56
[progressmeter.c ssh-keyscan.c]
add snprintf checks. ok djm@ markus@
Diffstat (limited to 'ssh-keyscan.c')
| -rw-r--r-- | ssh-keyscan.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index bc2c3b728..fdcfc5b3c 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.52 2005/03/01 15:47:14 jmc Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.53 2005/04/28 10:17:56 moritz Exp $"); #include "openbsd-compat/sys-queue.h" @@ -543,6 +543,11 @@ congreet(int s) n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); + if (n == -1 || n >= sizeof buf) { + error("snprintf: buffer too small"); + confree(s); + return; + } if (atomicio(vwrite, s, buf, n) != n) { error("write (%s): %s", c->c_name, strerror(errno)); confree(s); |