[sshconnect1.c]
don't trust size sent by (rogue) server; noted by s.esser@e-matters.de
- itojun@cvs.openbsd.org 2002/03/11 03:19:53
[sftp-client.c]
indent
+ - markus@cvs.openbsd.org 2002/03/14 15:24:27
+ [sshconnect1.c]
+ don't trust size sent by (rogue) server; noted by s.esser@e-matters.de
20020317
- (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.49 2002/03/14 15:24:27 markus Exp $");
#include <openssl/bn.h>
#include <openssl/md5.h>
/* Get server's response. */
reply = packet_get_string((u_int *) &auth.length);
+ if (auth.length >= MAX_KTXT_LEN)
+ fatal("Kerberos v4: Malformed response from server");
memcpy(auth.dat, reply, auth.length);
xfree(reply);