[openssh-commits] [openssh] 03/03: upstream: Dynamically allocate encoded HashKnownHosts and free as
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Oct 6 14:40:45 AEDT 2021
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 57680a2ab43518c5ccbd8242c40482106cde6ac1
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Sat Oct 2 03:17:01 2021 +0000
upstream: Dynamically allocate encoded HashKnownHosts and free as
appropriate. Saves 1k of static storage and prevents snprintf "possible
truncation" warnings from newer compilers (although in this case it's false
positive since the actual sizes are limited by the output size of the SHA1).
ok djm@
OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
---
hostfile.c | 20 +++++++++++---------
ssh-keygen.c | 3 ++-
ssh-keyscan.c | 7 ++++---
3 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/hostfile.c b/hostfile.c
index ce00cd71..a035b381 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.91 2021/07/05 01:16:46 dtucker Exp $ */
+/* $OpenBSD: hostfile.c,v 1.92 2021/10/02 03:17:01 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -118,7 +118,7 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
struct ssh_hmac_ctx *ctx;
u_char salt[256], result[256];
char uu_salt[512], uu_result[512];
- static char encoded[1024];
+ char *encoded = NULL;
u_int len;
len = ssh_digest_bytes(SSH_DIGEST_SHA1);
@@ -143,9 +143,8 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len)
if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 ||
__b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1)
fatal_f("__b64_ntop failed");
-
- snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt,
- HASH_DELIM, uu_result);
+ xasprintf(&encoded, "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM,
+ uu_result);
return (encoded);
}
@@ -456,6 +455,7 @@ write_host_entry(FILE *f, const char *host, const char *ip,
else {
fprintf(f, "%s ", lhost);
}
+ free(hashed_host);
free(lhost);
if ((r = sshkey_write(key, f)) == 0)
success = 1;
@@ -730,8 +730,8 @@ hostfile_replace_entries(const char *filename, const char *host, const char *ip,
static int
match_maybe_hashed(const char *host, const char *names, int *was_hashed)
{
- int hashed = *names == HASH_DELIM;
- const char *hashed_host;
+ int hashed = *names == HASH_DELIM, ret;
+ char *hashed_host = NULL;
size_t nlen = strlen(names);
if (was_hashed != NULL)
@@ -739,8 +739,10 @@ match_maybe_hashed(const char *host, const char *names, int *was_hashed)
if (hashed) {
if ((hashed_host = host_hash(host, names, nlen)) == NULL)
return -1;
- return nlen == strlen(hashed_host) &&
- strncmp(hashed_host, names, nlen) == 0;
+ ret = (nlen == strlen(hashed_host) &&
+ strncmp(hashed_host, names, nlen) == 0);
+ free(hashed_host);
+ return ret;
}
return match_hostname(host, names) == 1;
}
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 4b40768d..9b912f0a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.437 2021/09/08 03:23:44 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.438 2021/10/02 03:17:01 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1203,6 +1203,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx)
if ((hashed = host_hash(cp, NULL, 0)) == NULL)
fatal("hash_host failed");
fprintf(ctx->out, "%s %s\n", hashed, l->rawkey);
+ free(hashed);
ctx->has_unhashed = 1;
}
free(ohosts);
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 7abbcbff..d688b3c3 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.139 2021/01/27 09:26:54 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.140 2021/10/02 03:17:01 dtucker Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm at lcs.mit.edu>.
*
@@ -305,8 +305,8 @@ keygrab_ssh2(con *c)
static void
keyprint_one(const char *host, struct sshkey *key)
{
- char *hostport;
- const char *known_host, *hashed;
+ char *hostport = NULL, *hashed = NULL;
+ const char *known_host;
found_one = 1;
@@ -324,6 +324,7 @@ keyprint_one(const char *host, struct sshkey *key)
fprintf(stdout, "%s ", known_host);
sshkey_write(key, stdout);
fputs("\n", stdout);
+ free(hashed);
free(hostport);
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list