- OpenBSD CVS Sync

   - djm@cvs.openbsd.org 2006/06/14 10:50:42
     [sshconnect.c]
     limit the number of pre-banner characters we will accept; ok markus@

diff --git a/ChangeLog b/ChangeLog
index 960c5f230addbacc23e54584632c48cfbc1ff794..2c6b68e9124f5117fe32a4fcbba3070bd0f1cf75 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 20060710
  - (dtucker) [INSTALL] New autoconf version: 2.60.
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2006/06/14 10:50:42
+     [sshconnect.c]
+     limit the number of pre-banner characters we will accept; ok markus@
 
 20060706
  - (dtucker) [configure.ac] Try AIX blibpath test in different order when

diff --git a/sshconnect.c b/sshconnect.c
index c76572662fca6eaf8b764d3aae63edb09225fc6e..e26efa4dc1c2d51248868a5cfb9141f80fc5373c 100644 (file)
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.184 2006/06/08 14:45:49 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.185 2006/06/14 10:50:42 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -385,10 +385,10 @@ ssh_exchange_identification(void)
        int connection_in = packet_get_connection_in();
        int connection_out = packet_get_connection_out();
        int minor1 = PROTOCOL_MINOR_1;
-       u_int i;
+       u_int i, n;
 
        /* Read other side's version identification. */
-       for (;;) {
+       for (n = 0;;) {
                for (i = 0; i < sizeof(buf) - 1; i++) {
                        size_t len = atomicio(read, connection_in, &buf[i], 1);
 
@@ -405,6 +405,8 @@ ssh_exchange_identification(void)
                                buf[i + 1] = 0;
                                break;
                        }
+                       if (++n > 65536)
+                               fatal("ssh_exchange_identification: No banner received");
                }
                buf[sizeof(buf) - 1] = 0;
                if (strncmp(buf, "SSH-", 4) == 0)