[readpass.c log.h scp.c fatal.c xmalloc.c includes.h ssh-keyscan.c misc.c
auth.c packet.c log.c]
move #include <stdarg.h> out of includes.h; ok markus@
+ - dtucker@cvs.openbsd.org 2006/07/11 10:12:07
+ [ssh.c]
+ Only copy the part of environment variable that we actually use. Prevents
+ ssh bailing when SendEnv is used and an environment variable with a really
+ long value exists. ok djm@
20060711
- (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
-/* $OpenBSD: ssh.c,v 1.281 2006/07/09 15:15:11 stevesk Exp $ */
+/* $OpenBSD: ssh.c,v 1.282 2006/07/11 10:12:07 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
static int
env_permitted(char *env)
{
- int i;
+ int i, ret;
char name[1024], *cp;
- if (strlcpy(name, env, sizeof(name)) >= sizeof(name))
- fatal("env_permitted: name too long");
- if ((cp = strchr(name, '=')) == NULL)
+ if ((cp = strchr(env, '=')) == NULL || cp == env)
return (0);
-
- *cp = '\0';
+ ret = snprintf(name, sizeof(name), "%.*s", (cp - env), env);
+ if (ret <= 0 || (size_t)ret >= sizeof(name))
+ fatal("env_permitted: name '%.100s...' too long", env);
for (i = 0; i < options.num_send_env; i++)
if (match_pattern(name, options.send_env[i]))