- djm@cvs.openbsd.org 2006/04/03 07:10:38

     [gss-genr.c]
     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
     by dleonard AT vintela.com. use xasprintf() to simplify code while in
     there; "looks right" deraadt@

diff --git a/ChangeLog b/ChangeLog
index 359b003a1c829c6a0da4eb1be366f24368857ad3..e48dfe0e628e9529fc4ff77a8ee7e473301e6416 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,11 @@
    - dtucker@cvs.openbsd.org 2006/04/02 08:34:52
      [ssh-keysign.c]
      sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
+   - djm@cvs.openbsd.org 2006/04/03 07:10:38
+     [gss-genr.c]
+     GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
+     by dleonard AT vintela.com. use xasprintf() to simplify code while in
+     there; "looks right" deraadt@
 
 20060421
  - (djm) [Makefile.in configure.ac session.c sshpty.c]

diff --git a/gss-genr.c b/gss-genr.c
index 4c10f1aab3bebb244a1dc46b2e479fbf294d74b4..3d630ab822b746aeed69a747a89a0cce054c8338 100644 (file)
--- a/gss-genr.c
+++ b/gss-genr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-genr.c,v 1.9 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.10 2006/04/03 07:10:38 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -205,10 +205,11 @@ OM_uint32
 ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
 {
        gss_buffer_desc gssbuf;
+       char *val;
 
-       gssbuf.length = sizeof("host@") + strlen(host);
-       gssbuf.value = xmalloc(gssbuf.length);
-       snprintf(gssbuf.value, gssbuf.length, "host@%s", host);
+       xasprintf(&val, "host@%s", host);
+       gssbuf.value = val;
+       gssbuf.length = strlen(gssbuf.value);
 
        if ((ctx->major = gss_import_name(&ctx->minor,
            &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))