From e5df5ff2f87dbdb31c9d00d84c13bf0dc8a7cadc Mon Sep 17 00:00:00 2001
From: djm <djm>
Date: Thu, 17 Jul 2008 08:57:06 +0000
Subject: [PATCH]    - djm@cvs.openbsd.org 2008/07/17 08:48:00     
 [sshconnect2.c]      strnvis preauth banner; pointed out by mpf@ ok markus@

---
 ChangeLog     |  6 ++++++
 sshconnect2.c | 18 +++++++++++++-----
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 28f5486d..3505830a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+20080717
+ - (djm) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2008/07/17 08:48:00
+     [sshconnect2.c]
+     strnvis preauth banner; pointed out by mpf@ ok markus@
+
 20080716
  - OpenBSD CVS Sync
    - djm@cvs.openbsd.org 2008/07/15 02:23:14
diff --git a/sshconnect2.c b/sshconnect2.c
index 5bb77236..067fad54 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.166 2008/07/17 08:48:00 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -38,6 +38,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+#include <vis.h>
 
 #include "openbsd-compat/sys-queue.h"
 
@@ -374,14 +375,21 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt)
 void
 input_userauth_banner(int type, u_int32_t seq, void *ctxt)
 {
-	char *msg, *lang;
+	char *msg, *raw, *lang;
+	u_int len;
 
 	debug3("input_userauth_banner");
-	msg = packet_get_string(NULL);
+	raw = packet_get_string(&len);
 	lang = packet_get_string(NULL);
-	if (options.log_level >= SYSLOG_LEVEL_INFO)
+	if (options.log_level >= SYSLOG_LEVEL_INFO) {
+		if (len > 65536)
+			len = 65536;
+		msg = xmalloc(len * 4); /* max expansion from strnvis() */
+		strnvis(msg, raw, len * 4, VIS_SAFE|VIS_OCTAL);
 		fprintf(stderr, "%s", msg);
-	xfree(msg);
+		xfree(msg);
+	}
+	xfree(raw);
 	xfree(lang);
 }
 
-- 
2.45.2