[openssh-commits] [openssh] 01/01: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Nov 26 13:37:51 EST 2014


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 72bba3d179ced8b425272efe6956a309202a91f3
Author: jsg at openbsd.org <jsg at openbsd.org>
Date:   Mon Nov 24 03:39:22 2014 +0000

    upstream commit
    
    Fix crashes in the handling of the sshd config file found
     with the afl fuzzer.
    
    ok deraadt@ djm@
---
 servconf.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/servconf.c b/servconf.c
index b317e9c..99396fb 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.254 2014/10/24 02:01:20 lteo Exp $ */
+/* $OpenBSD: servconf.c,v 1.255 2014/11/24 03:39:22 jsg Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1612,6 +1612,9 @@ process_server_config_line(ServerOptions *options, char *line,
 		return 0;
 
 	case sAuthorizedKeysCommand:
+		if (cp == NULL)
+			fatal("%.200s line %d: Missing argument.", filename,
+			    linenum);
 		len = strspn(cp, WHITESPACE);
 		if (*activep && options->authorized_keys_command == NULL) {
 			if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0)
@@ -1626,6 +1629,9 @@ process_server_config_line(ServerOptions *options, char *line,
 		charptr = &options->authorized_keys_command_user;
 
 		arg = strdelim(&cp);
+		if (!arg || *arg == '\0')
+			fatal("%s line %d: missing AuthorizedKeysCommandUser "
+			    "argument.", filename, linenum);
 		if (*activep && *charptr == NULL)
 			*charptr = xstrdup(arg);
 		break;

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list