[openssh-commits] [openssh] 01/01: upstream: switch config file parsing to getline(3) as this avoids
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Jun 7 04:34:17 AEST 2018
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 7f90635216851f6cb4bf3999e98b825f85d604f8
Author: markus at openbsd.org <markus at openbsd.org>
Date: Wed Jun 6 18:29:18 2018 +0000
upstream: switch config file parsing to getline(3) as this avoids
static limits noted by gerhard@; ok dtucker@, djm@
OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
---
auth2-pubkey.c | 16 +++++++++++-----
authfile.c | 22 +++++++++++-----------
dh.c | 18 ++++++++++++------
hostfile.c | 15 +++++++++------
misc.c | 27 +--------------------------
misc.h | 3 +--
readconf.c | 10 +++++-----
servconf.c | 10 +++++-----
session.c | 11 ++++++-----
ssh-keygen.c | 25 +++++++++++++++++--------
ssh-keyscan.c | 12 +++++-------
ssh.h | 9 +--------
12 files changed, 84 insertions(+), 94 deletions(-)
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 5603f5ef..3ccc3a21 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.79 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -319,14 +319,16 @@ static int
process_principals(struct ssh *ssh, FILE *f, const char *file,
const struct sshkey_cert *cert, struct sshauthopt **authoptsp)
{
- char loc[256], line[SSH_MAX_PUBKEY_BYTES], *cp, *ep;
+ char loc[256], *line = NULL, *cp, *ep;
+ size_t linesize = 0;
u_long linenum = 0;
u_int found_principal = 0;
if (authoptsp != NULL)
*authoptsp = NULL;
- while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
+ while (getline(&line, &linesize, f) != -1) {
+ linenum++;
/* Always consume entire input */
if (found_principal)
continue;
@@ -344,6 +346,7 @@ process_principals(struct ssh *ssh, FILE *f, const char *file,
if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0)
found_principal = 1;
}
+ free(line);
return found_principal;
}
@@ -687,14 +690,16 @@ static int
check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
char *file, struct sshkey *key, struct sshauthopt **authoptsp)
{
- char *cp, line[SSH_MAX_PUBKEY_BYTES], loc[256];
+ char *cp, *line = NULL, loc[256];
+ size_t linesize = 0;
int found_key = 0;
u_long linenum = 0;
if (authoptsp != NULL)
*authoptsp = NULL;
- while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
+ while (getline(&line, &linesize, f) != -1) {
+ linenum++;
/* Always consume entire file */
if (found_key)
continue;
@@ -708,6 +713,7 @@ check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f,
if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0)
found_key = 1;
}
+ free(line);
return found_key;
}
diff --git a/authfile.c b/authfile.c
index 57dcd808..c3a6345d 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.128 2018/02/23 15:58:37 markus Exp $ */
+/* $OpenBSD: authfile.c,v 1.129 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
@@ -265,17 +265,15 @@ static int
sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
{
FILE *f;
- char line[SSH_MAX_PUBKEY_BYTES];
- char *cp;
- u_long linenum = 0;
+ char *line = NULL, *cp;
+ size_t linesize = 0;
int r;
if (commentp != NULL)
*commentp = NULL;
if ((f = fopen(filename, "r")) == NULL)
return SSH_ERR_SYSTEM_ERROR;
- while (read_keyfile_line(f, filename, line, sizeof(line),
- &linenum) != -1) {
+ while (getline(&line, &linesize, f) != -1) {
cp = line;
switch (*cp) {
case '#':
@@ -299,11 +297,13 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp)
if (*commentp == NULL)
r = SSH_ERR_ALLOC_FAIL;
}
+ free(line);
fclose(f);
return r;
}
}
}
+ free(line);
fclose(f);
return SSH_ERR_INVALID_FORMAT;
}
@@ -447,19 +447,18 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
int check_ca)
{
FILE *f;
- char line[SSH_MAX_PUBKEY_BYTES];
- char *cp;
- u_long linenum = 0;
+ char *line = NULL, *cp;
+ size_t linesize = 0;
int r = 0;
struct sshkey *pub = NULL;
+
int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) =
strict_type ? sshkey_equal : sshkey_equal_public;
if ((f = fopen(filename, "r")) == NULL)
return SSH_ERR_SYSTEM_ERROR;
- while (read_keyfile_line(f, filename, line, sizeof(line),
- &linenum) != -1) {
+ while (getline(&line, &linesize, f) != -1) {
cp = line;
/* Skip leading whitespace. */
@@ -491,6 +490,7 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
}
r = SSH_ERR_KEY_NOT_FOUND;
out:
+ free(line);
sshkey_free(pub);
fclose(f);
return r;
diff --git a/dh.c b/dh.c
index 46afba03..16eb1327 100644
--- a/dh.c
+++ b/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.63 2018/02/07 02:06:50 jsing Exp $ */
+/* $OpenBSD: dh.c,v 1.64 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
@@ -145,9 +145,9 @@ DH *
choose_dh(int min, int wantbits, int max)
{
FILE *f;
- char line[4096];
- int best, bestcount, which;
- int linenum;
+ char *line = NULL;
+ size_t linesize = 0;
+ int best, bestcount, which, linenum;
struct dhgroup dhg;
if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) {
@@ -158,7 +158,7 @@ choose_dh(int min, int wantbits, int max)
linenum = 0;
best = bestcount = 0;
- while (fgets(line, sizeof(line), f)) {
+ while (getline(&line, &linesize, f) != -1) {
linenum++;
if (!parse_prime(linenum, line, &dhg))
continue;
@@ -176,6 +176,9 @@ choose_dh(int min, int wantbits, int max)
if (dhg.size == best)
bestcount++;
}
+ free(line);
+ line = NULL;
+ linesize = 0;
rewind(f);
if (bestcount == 0) {
@@ -186,7 +189,8 @@ choose_dh(int min, int wantbits, int max)
linenum = 0;
which = arc4random_uniform(bestcount);
- while (fgets(line, sizeof(line), f)) {
+ while (getline(&line, &linesize, f) != -1) {
+ linenum++;
if (!parse_prime(linenum, line, &dhg))
continue;
if ((dhg.size > max || dhg.size < min) ||
@@ -198,6 +202,8 @@ choose_dh(int min, int wantbits, int max)
}
break;
}
+ free(line);
+ line = NULL;
fclose(f);
if (linenum != which+1) {
logit("WARNING: line %d disappeared in %s, giving up",
diff --git a/hostfile.c b/hostfile.c
index 12f174ff..e0833937 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.71 2017/05/31 09:15:42 deraadt Exp $ */
+/* $OpenBSD: hostfile.c,v 1.72 2018/06/06 18:29:18 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -663,14 +663,14 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
const char *host, const char *ip, u_int options)
{
FILE *f;
- char line[8192], oline[8192], ktype[128];
+ char *line = NULL, ktype[128];
u_long linenum = 0;
char *cp, *cp2;
u_int kbits;
int hashed;
int s, r = 0;
struct hostkey_foreach_line lineinfo;
- size_t l;
+ size_t linesize = 0, l;
memset(&lineinfo, 0, sizeof(lineinfo));
if (host == NULL && (options & HKF_WANT_MATCH) != 0)
@@ -679,15 +679,16 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
return SSH_ERR_SYSTEM_ERROR;
debug3("%s: reading file \"%s\"", __func__, path);
- while (read_keyfile_line(f, path, line, sizeof(line), &linenum) == 0) {
+ while (getline(&line, &linesize, f) != -1) {
+ linenum++;
line[strcspn(line, "\n")] = '\0';
- strlcpy(oline, line, sizeof(oline));
sshkey_free(lineinfo.key);
memset(&lineinfo, 0, sizeof(lineinfo));
lineinfo.path = path;
lineinfo.linenum = linenum;
- lineinfo.line = oline;
+ free(lineinfo.line);
+ lineinfo.line = xstrdup(line);
lineinfo.marker = MRK_NONE;
lineinfo.status = HKF_STATUS_OK;
lineinfo.keytype = KEY_UNSPEC;
@@ -826,6 +827,8 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx,
break;
}
sshkey_free(lineinfo.key);
+ free(lineinfo.line);
+ free(line);
fclose(f);
return r;
}
diff --git a/misc.c b/misc.c
index 874dcc8a..3e62320a 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.128 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -1005,31 +1005,6 @@ percent_expand(const char *string, ...)
#undef EXPAND_MAX_KEYS
}
-/*
- * Read an entire line from a public key file into a static buffer, discarding
- * lines that exceed the buffer size. Returns 0 on success, -1 on failure.
- */
-int
-read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
- u_long *lineno)
-{
- while (fgets(buf, bufsz, f) != NULL) {
- if (buf[0] == '\0')
- continue;
- (*lineno)++;
- if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
- return 0;
- } else {
- debug("%s: %s line %lu exceeds size limit", __func__,
- filename, *lineno);
- /* discard remainder of line */
- while (fgetc(f) != '\n' && !feof(f))
- ; /* nothing */
- }
- }
- return -1;
-}
-
int
tun_open(int tun, int mode, char **ifname)
{
diff --git a/misc.h b/misc.h
index cdafea73..daa4abc4 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.71 2018/03/12 00:52:01 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.72 2018/06/06 18:29:18 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -166,7 +166,6 @@ int safe_path_fd(int, const char *, struct passwd *,
char *read_passphrase(const char *, int);
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
-int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
#define MINIMUM(a, b) (((a) < (b)) ? (a) : (b))
#define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
diff --git a/readconf.c b/readconf.c
index 9c4a234b..733b67f7 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.288 2018/06/01 03:33:53 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.289 2018/06/06 18:29:18 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1728,7 +1728,8 @@ read_config_file_depth(const char *filename, struct passwd *pw,
int flags, int *activep, int depth)
{
FILE *f;
- char line[4096];
+ char *line = NULL;
+ size_t linesize = 0;
int linenum;
int bad_options = 0;
@@ -1755,15 +1756,14 @@ read_config_file_depth(const char *filename, struct passwd *pw,
* on/off by Host specifications.
*/
linenum = 0;
- while (fgets(line, sizeof(line), f)) {
+ while (getline(&line, &linesize, f) != -1) {
/* Update line number counter. */
linenum++;
- if (strlen(line) == sizeof(line) - 1)
- fatal("%s line %d too long", filename, linenum);
if (process_config_line_depth(options, pw, host, original_host,
line, filename, linenum, activep, flags, depth) != 0)
bad_options++;
}
+ free(line);
fclose(f);
if (bad_options > 0)
fatal("%s: terminating, %d bad configuration options",
diff --git a/servconf.c b/servconf.c
index 3c41490b..f55b6673 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.330 2018/06/06 18:23:32 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.331 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -2103,7 +2103,8 @@ process_server_config_line(ServerOptions *options, char *line,
void
load_server_config(const char *filename, Buffer *conf)
{
- char line[4096], *cp;
+ char *line = NULL, *cp;
+ size_t linesize = 0;
FILE *f;
int lineno = 0;
@@ -2113,10 +2114,8 @@ load_server_config(const char *filename, Buffer *conf)
exit(1);
}
buffer_clear(conf);
- while (fgets(line, sizeof(line), f)) {
+ while (getline(&line, &linesize, f) != -1) {
lineno++;
- if (strlen(line) == sizeof(line) - 1)
- fatal("%s line %d too long", filename, lineno);
/*
* Trim out comments and strip whitespace
* NB - preserve newlines, they are needed to reproduce
@@ -2128,6 +2127,7 @@ load_server_config(const char *filename, Buffer *conf)
buffer_append(conf, cp, strlen(cp));
}
+ free(line);
buffer_append(conf, "\0", 1);
fclose(f);
debug2("%s: done config len = %d", __func__, buffer_len(conf));
diff --git a/session.c b/session.c
index e72fcb0a..511fc4e8 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.297 2018/06/06 18:23:32 djm Exp $ */
+/* $OpenBSD: session.c,v 1.298 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -873,18 +873,18 @@ read_environment_file(char ***env, u_int *envsize,
const char *filename)
{
FILE *f;
- char buf[4096];
- char *cp, *value;
+ char *line = NULL, *cp, *value;
+ size_t linesize = 0;
u_int lineno = 0;
f = fopen(filename, "r");
if (!f)
return;
- while (fgets(buf, sizeof(buf), f)) {
+ while (getline(&line, &linesize, f) != -1) {
if (++lineno > 1000)
fatal("Too many lines in environment file %s", filename);
- for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
+ for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
;
if (!*cp || *cp == '#' || *cp == '\n')
continue;
@@ -905,6 +905,7 @@ read_environment_file(char ***env, u_int *envsize,
value++;
child_set_env(env, envsize, cp, value);
}
+ free(line);
fclose(f);
}
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 2568c00e..ccebbaf7 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.316 2018/06/01 04:21:29 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.317 2018/06/06 18:29:18 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -870,7 +870,8 @@ do_fingerprint(struct passwd *pw)
{
FILE *f;
struct sshkey *public = NULL;
- char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
+ char *comment = NULL, *cp, *ep, *line = NULL;
+ size_t linesize = 0;
int i, invalid = 1;
const char *path;
u_long lnum = 0;
@@ -885,7 +886,8 @@ do_fingerprint(struct passwd *pw)
} else if ((f = fopen(path, "r")) == NULL)
fatal("%s: %s: %s", __progname, path, strerror(errno));
- while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
+ while (getline(&line, &linesize, f) != -1) {
+ lnum++;
cp = line;
cp[strcspn(cp, "\n")] = '\0';
/* Trim leading space and comments */
@@ -905,6 +907,7 @@ do_fingerprint(struct passwd *pw)
*/
if (lnum == 1 && strcmp(identity_file, "-") != 0 &&
strstr(cp, "PRIVATE KEY") != NULL) {
+ free(line);
fclose(f);
fingerprint_private(path);
exit(0);
@@ -951,6 +954,7 @@ do_fingerprint(struct passwd *pw)
invalid = 0; /* One good key in the file is sufficient */
}
fclose(f);
+ free(line);
if (invalid)
fatal("%s is not a public key file.", path);
@@ -2004,8 +2008,9 @@ do_show_cert(struct passwd *pw)
struct stat st;
int r, is_stdin = 0, ok = 0;
FILE *f;
- char *cp, line[SSH_MAX_PUBKEY_BYTES];
+ char *cp, *line = NULL;
const char *path;
+ size_t linesize = 0;
u_long lnum = 0;
if (!have_identity)
@@ -2021,7 +2026,8 @@ do_show_cert(struct passwd *pw)
} else if ((f = fopen(identity_file, "r")) == NULL)
fatal("fopen %s: %s", identity_file, strerror(errno));
- while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
+ while (getline(&line, &linesize, f) != -1) {
+ lnum++;
sshkey_free(key);
key = NULL;
/* Trim leading space and comments */
@@ -2046,6 +2052,7 @@ do_show_cert(struct passwd *pw)
printf("%s:%lu:\n", path, lnum);
print_cert(key);
}
+ free(line);
sshkey_free(key);
fclose(f);
exit(ok ? 0 : 1);
@@ -2077,7 +2084,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
{
struct sshkey *key = NULL;
u_long lnum = 0;
- char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
+ char *path, *cp, *ep, *line = NULL;
+ size_t linesize = 0;
unsigned long long serial, serial2;
int i, was_explicit_key, was_sha1, r;
FILE *krl_spec;
@@ -2092,8 +2100,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
if (!quiet)
printf("Revoking from %s\n", path);
- while (read_keyfile_line(krl_spec, path, line, sizeof(line),
- &lnum) == 0) {
+ while (getline(&line, &linesize, krl_spec) != -1) {
+ lnum++;
was_explicit_key = was_sha1 = 0;
cp = line + strspn(line, " \t");
/* Trim trailing space, comments and strip \n */
@@ -2193,6 +2201,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
}
if (strcmp(path, "-") != 0)
fclose(krl_spec);
+ free(line);
free(path);
}
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 381fb084..38b1c548 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.119 2018/03/02 21:40:15 jmc Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm at lcs.mit.edu>.
*
@@ -646,9 +646,9 @@ main(int argc, char **argv)
{
int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO;
int opt, fopt_count = 0, j;
- char *tname, *cp, line[NI_MAXHOST];
+ char *tname, *cp, *line = NULL;
+ size_t linesize = 0;
FILE *fp;
- u_long linenum;
extern int optind;
extern char *optarg;
@@ -769,11 +769,8 @@ main(int argc, char **argv)
else if ((fp = fopen(argv[j], "r")) == NULL)
fatal("%s: %s: %s", __progname, argv[j],
strerror(errno));
- linenum = 0;
- while (read_keyfile_line(fp,
- argv[j] == NULL ? "(stdin)" : argv[j], line, sizeof(line),
- &linenum) != -1) {
+ while (getline(&line, &linesize, fp) != -1) {
/* Chomp off trailing whitespace and comments */
if ((cp = strchr(line, '#')) == NULL)
cp = line + strlen(line) - 1;
@@ -798,6 +795,7 @@ main(int argc, char **argv)
fclose(fp);
}
+ free(line);
while (optind < argc)
do_host(argv[optind++]);
diff --git a/ssh.h b/ssh.h
index 12d80092..5abfd7a6 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.h,v 1.87 2017/05/07 23:15:59 djm Exp $ */
+/* $OpenBSD: ssh.h,v 1.88 2018/06/06 18:29:18 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -30,13 +30,6 @@
*/
#define SSH_MAX_IDENTITY_FILES 100
-/*
- * Maximum length of lines in authorized_keys file.
- * Current value permits 16kbit RSA keys and 8kbit DSA keys, with
- * some room for options and comments.
- */
-#define SSH_MAX_PUBKEY_BYTES 16384
-
/*
* Major protocol version. Different version indicates major incompatibility
* that prevents communication.
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list