From cfaa540503c93d915ef5cb178c5cecece1a5cc72 Mon Sep 17 00:00:00 2001 From: djm Date: Fri, 31 Mar 2006 12:11:28 +0000 Subject: [PATCH] - deraadt@cvs.openbsd.org 2006/03/28 01:53:43 [ssh-agent.c] use strtonum() to parse the pid from the file, and range check it better; ok djm --- ChangeLog | 4 ++++ ssh-agent.c | 16 ++++++++++------ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index ac0b7461..db380309 100644 --- a/ChangeLog +++ b/ChangeLog @@ -16,6 +16,10 @@ - deraadt@cvs.openbsd.org 2006/03/28 01:52:28 [channels.c] do not accept unreasonable X ports numbers; ok djm + - deraadt@cvs.openbsd.org 2006/03/28 01:53:43 + [ssh-agent.c] + use strtonum() to parse the pid from the file, and range check it + better; ok djm 20060326 - OpenBSD CVS Sync diff --git a/ssh-agent.c b/ssh-agent.c index eb99effd..162760ac 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.135 2006/03/25 18:41:45 deraadt Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.136 2006/03/28 01:53:43 deraadt Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1077,20 +1077,24 @@ main(int ac, char **av) if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); - if (shell != NULL && strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) + if (shell != NULL && + strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) c_flag = 1; } if (k_flag) { + const char *errstr = NULL; + pidstr = getenv(SSH_AGENTPID_ENV_NAME); if (pidstr == NULL) { fprintf(stderr, "%s not set, cannot kill agent\n", SSH_AGENTPID_ENV_NAME); exit(1); } - pid = atoi(pidstr); - if (pid < 1) { - fprintf(stderr, "%s=\"%s\", which is not a good PID\n", - SSH_AGENTPID_ENV_NAME, pidstr); + pid = (int)strtonum(pidstr, 2, INT_MAX, &errstr); + if (errstr) { + fprintf(stderr, + "%s=\"%s\", which is not a good PID: %s\n", + SSH_AGENTPID_ENV_NAME, pidstr, errstr); exit(1); } if (kill(pid, SIGTERM) == -1) { -- 2.45.1
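Review bot: The re-wrapped csh test at the top of the `main` hunk still computes `shell + strlen(shell) - 3` with no length check, so a `SHELL` value shorter than three characters (an empty string included) forms a pointer before the start of the string and `strncmp` reads out of bounds. Because `SHELL` comes from the environment, test the length first: `if (shell != NULL && (len = strlen(shell)) > 2 &&` followed by `strncmp(shell + len - 3, "csh", 3) == 0)`, with a `size_t len` declared alongside main's other locals. In the `k_flag` branch, the lower bound of 2 passed to `strtonum()` would benefit from a comment such as `/* reject <= 0 (kill() treats these as group/broadcast targets) and pid 1 */`, since the parsed value goes straight into `kill(pid, SIGTERM)`. `main` starts and ends outside the hunk, so the declarations of `pid` and `pidstr`, and whether `<limits.h>` is included for `INT_MAX`, cannot be confirmed from here.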