child_set_eng: verify both env pointer and count.

If child_set_env was called with a NULL env pointer and a non-zero count,
it would end up in a null deref, although we don't currently do this.
Prompted by Coverity CID 291850, tweak & ok djm@
Darren Tucker 2023-03-30 13:53:29 +11:00
parent 28f1b8ef9b
commit 05b8e88ebe
1 changed files with 2 additions and 0 deletions

2
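--- a/misc.c
+++ b/misc.c
@@ -2273,6 +2273,8 @@ child_set_env(char ***envp, u_int *envsizep, const char *name,
 * If we're passed an uninitialized list, allocate a single null
 * entry before continuing.
 */
+if ((*envp == NULL) != (*envsizep == 0))
+fatal_f("environment size mismatch");
 if (*envp == NULL && *envsizep == 0) {
 *envp = xmalloc(sizeof(char *));
 *envp[0] = NULL;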
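Review bot: The added guard `(*envp == NULL) != (*envsizep == 0)` is symmetric, so besides the NULL-pointer-with-non-zero-count case named in the commit message it also calls fatal_f() for a non-NULL list whose recorded size is 0; the block comment above it still describes only the uninitialized-list allocation. I would extend that comment with something like `* The list pointer and its size must agree (both unset or both set); a mismatch is a caller bug and is fatal.` so callers know the process terminates instead of getting an error back. With the guard in place, the `&& *envsizep == 0` half of the next condition is implied and could be reduced to `if (*envp == NULL) {`. child_set_env starts and ends outside this hunk, so whether any existing caller passes a populated list with a zero size cannot be confirmed from here.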