diff --git a/ChangeLog b/ChangeLog index 5e84af41e..7cfa6f8e7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -40,6 +40,10 @@ fix protocol error: send 'failed' message instead of a 2nd challenge (happens if the same key is in authorized_keys twice). reported Ralf_Meister@genua.de; ok djm@ + - stevesk@cvs.openbsd.org 2001/11/30 20:39:28 + [ssh.c] + sscanf() length dependencies are clearer now; can also shrink proto + and data if desired, but i have not done that. ok markus@ 20011126 - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, @@ -6962,4 +6966,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1678 2001/12/06 17:41:25 mouring Exp $ +$Id: ChangeLog,v 1.1679 2001/12/06 17:45:19 mouring Exp $ diff --git a/ssh.c b/ssh.c index 2984a597f..9f4d1178b 100644 --- a/ssh.c +++ b/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.149 2001/10/24 08:51:35 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.150 2001/11/30 20:39:28 stevesk Exp $"); #include #include @@ -787,19 +787,23 @@ again: } static void -x11_get_proto(char *proto, int proto_len, char *data, int data_len) +x11_get_proto(char **_proto, char **_data) { char line[512]; + static char proto[512], data[512]; FILE *f; int got_data = 0, i; + *_proto = proto; + *_data = data; + proto[0] = data[0] = '\0'; if (options.xauth_location) { /* Try to get Xauthority information for the display. */ snprintf(line, sizeof line, "%.100s list %.200s 2>" _PATH_DEVNULL, options.xauth_location, getenv("DISPLAY")); f = popen(line, "r"); if (f && fgets(line, sizeof(line), f) && - sscanf(line, "%*s %s %s", proto, data) == 2) + sscanf(line, "%*s %511s %511s", proto, data) == 2) got_data = 1; if (f) pclose(f); @@ -815,11 +819,11 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len) if (!got_data) { u_int32_t rand = 0; - strlcpy(proto, "MIT-MAGIC-COOKIE-1", proto_len); + strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); for (i = 0; i < 16; i++) { if (i % 4 == 0) rand = arc4random(); - snprintf(data + 2 * i, data_len - 2 * i, "%02x", rand & 0xff); + snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); rand >>= 8; } } @@ -943,9 +947,9 @@ ssh_session(void) } /* Request X11 forwarding if enabled and DISPLAY is set. */ if (options.forward_x11 && getenv("DISPLAY") != NULL) { - char proto[512], data[512]; + char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(proto, sizeof proto, data, sizeof data); + x11_get_proto(&proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); x11_request_forwarding_with_spoofing(0, proto, data); @@ -1059,9 +1063,9 @@ ssh_session2_setup(int id, void *arg) } if (options.forward_x11 && getenv("DISPLAY") != NULL) { - char proto[512], data[512]; + char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(proto, sizeof proto, data, sizeof data); + x11_get_proto(&proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); x11_request_forwarding_with_spoofing(id, proto, data);