- markus@cvs.openbsd.org 2001/11/07 22:53:21
[channels.h]
crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com
+ - markus@cvs.openbsd.org 2001/11/08 10:51:08
+ [readpass.c]
+ don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
20011109
- (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
*/
#include "includes.h"
-RCSID("$OpenBSD: readpass.c,v 1.22 2001/07/14 15:10:16 stevesk Exp $");
+RCSID("$OpenBSD: readpass.c,v 1.23 2001/11/08 10:51:08 markus Exp $");
#include "xmalloc.h"
#include "readpass.h"
{
pid_t pid;
size_t len;
- char *nl, *pass;
+ char *pass;
int p[2], status;
char buf[1024];
fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
}
close(p[1]);
- len = read(p[0], buf, sizeof buf);
+ len = read(p[0], buf, sizeof buf -1);
close(p[0]);
while (waitpid(pid, &status, 0) < 0)
if (errno != EINTR)
break;
if (len <= 1)
return xstrdup("");
- nl = strchr(buf, '\n');
- if (nl)
- *nl = '\0';
+ buf[len] = '\0';
+ buf[strcspn(buf, "\r\n")] = '\0';
pass = xstrdup(buf);
memset(buf, 0, sizeof(buf));
return pass;