From e5c76324f835e23ae92f33af8b04450e1659ca58 Mon Sep 17 00:00:00 2001
From: djm
Date: Mon, 10 Jul 2006 10:15:56 +0000
Subject: [PATCH] - OpenBSD CVS Sync - djm@cvs.openbsd.org 2006/06/14 10:50:42 [sshconnect.c] limit the number of pre-banner characters we will accept; ok markus@
---
 ChangeLog | 4 ++++
 sshconnect.c | 8 +++++---
 2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 960c5f23..2c6b68e9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 20060710
 - (dtucker) [INSTALL] New autoconf version: 2.60.
+ - OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2006/06/14 10:50:42
+ [sshconnect.c]
+ limit the number of pre-banner characters we will accept; ok markus@
 20060706
 - (dtucker) [configure.ac] Try AIX blibpath test in different order when
diff --git a/sshconnect.c b/sshconnect.c
index c7657266..e26efa4d 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.184 2006/06/08 14:45:49 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.185 2006/06/14 10:50:42 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -385,10 +385,10 @@ ssh_exchange_identification(void)
 int connection_in = packet_get_connection_in();
 int connection_out = packet_get_connection_out();
 int minor1 = PROTOCOL_MINOR_1;
- u_int i;
+ u_int i, n;
 /* Read other side's version identification. */
- for (;;) {
+ for (n = 0;;) {
 for (i = 0; i < sizeof(buf) - 1; i++) {
 size_t len = atomicio(read, connection_in, &buf[i], 1);
@@ -405,6 +405,8 @@ ssh_exchange_identification(void)
 buf[i + 1] = 0;
 break;
 }
+ if (++n > 65536)
+ fatal("ssh_exchange_identification: No banner received");
 }
 buf[sizeof(buf) - 1] = 0;
 if (strncmp(buf, "SSH-", 4) == 0)
--
2.45.2
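Review bot: The new counter `n` in the `@@ -385,10 +385,10 @@` hunk of sshconnect.c has no comment saying what it counts or that it is deliberately never reset between lines, and `for (n = 0;;)` tucks its initialisation into an otherwise endless loop header. A one-line comment above the loop, such as `/* n: bytes counted toward the pre-banner limit, summed over all lines */`, would make the intent clear to the next reader. The function body starts and ends outside this hunk.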
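Review bot: In the `@@ -405,6 +405,8 @@` hunk of sshconnect.c the new `++n` check sits after a block that ends in `break`, so the byte that takes that branch (apparently the line terminator; the condition is outside the hunk) leaves the inner loop without being counted. Pre-banner input made up of empty or very short lines would therefore advance `n` slowly or not at all, and the outer `for (n = 0;;)` loop stays effectively unbounded for that input. Counting every byte as soon as it has been read, by moving `if (++n > 65536)` and its `fatal(...)` call to just after the `atomicio()` result is checked, would make the limit hold for all input. The literal 65536 would also read better as a named constant with a short comment on why that bound was chosen. The enclosing loops start and end outside this hunk.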