From c54b02c4eb82ed71449109774eecf5935bdc61bf Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 7 Oct 2010 21:40:17 +1100 Subject: [PATCH] - djm@cvs.openbsd.org 2010/09/30 11:04:51 [servconf.c] prevent free() of string in .rodata when overriding AuthorizedKeys in a Match block; patch from rein AT basefarm.no --- ChangeLog | 4 ++++ servconf.c | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index b9d763a7a..092374fc5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,10 @@ when performing an "ls" in columnated (short) mode, only call ioctl(TIOCGWINSZ) once to get the window width instead of per- filename + - djm@cvs.openbsd.org 2010/09/30 11:04:51 + [servconf.c] + prevent free() of string in .rodata when overriding AuthorizedKeys in + a Match block; patch from rein AT basefarm.no 20100924 - (djm) OpenBSD CVS Sync diff --git a/servconf.c b/servconf.c index d26a7db05..41c9c6964 100644 --- a/servconf.c +++ b/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.211 2010/09/22 05:01:29 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.212 2010/09/30 11:04:51 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -259,12 +259,12 @@ fill_default_server_options(ServerOptions *options) if (options->authorized_keys_file2 == NULL) { /* authorized_keys_file2 falls back to authorized_keys_file */ if (options->authorized_keys_file != NULL) - options->authorized_keys_file2 = options->authorized_keys_file; + options->authorized_keys_file2 = xstrdup(options->authorized_keys_file); else - options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; + options->authorized_keys_file2 = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2); } if (options->authorized_keys_file == NULL) - options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; + options->authorized_keys_file = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS); if (options->permit_tun == -1) options->permit_tun = SSH_TUNMODE_NO; if (options->zero_knowledge_password_authentication == -1)