[openssh-commits] [openssh] 01/02: upstream: add a sshbuf_get_nulterminated_string() function to pull a

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit dec6334aaf6f542f34a0aca27dc2f535e9161a67
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Fri Nov 21 01:29:06 2025 +0000

    upstream: add a sshbuf_get_nulterminated_string() function to pull a
    
    \0- terminated string from a sshbuf. Intended to be used to improve parsing
    of SOCKS headers for dynamic forwarding.
    
    ok deraadt; feedback Tim van der Molen
    
    OpenBSD-Commit-ID: cf93d6db4730f7518d5269c279e16b172b484b36
---
 sshbuf-getput-basic.c | 40 +++++++++++++++++++++++++++++++++++++++-
 sshbuf.h              |  6 +++++-
 2 files changed, 44 insertions(+), 2 deletions(-)

diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c
index 2cc562b24..405f7eb60 100644
--- a/sshbuf-getput-basic.c
+++ b/sshbuf-getput-basic.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf-getput-basic.c,v 1.13 2022/05/25 06:03:44 djm Exp $	*/
+/*	$OpenBSD: sshbuf-getput-basic.c,v 1.14 2025/11/21 01:29:06 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -629,3 +629,41 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
 	}
 	return 0;
 }
+
+int
+sshbuf_get_nulterminated_string(struct sshbuf *buf, size_t maxlen,
+    char **valp, size_t *lenp)
+{
+	const u_char zero = 0;
+	char *val = NULL;
+	size_t len = 0;
+	int r;
+
+	if (valp != NULL)
+		*valp = NULL;
+	if (lenp != NULL)
+		*lenp = 0;
+	if ((r = sshbuf_find(buf, 0, &zero, sizeof(zero), &len)) != 0) {
+		if (r == SSH_ERR_INVALID_FORMAT && sshbuf_len(buf) < maxlen)
+			return SSH_ERR_MESSAGE_INCOMPLETE;
+		return r;
+	}
+	if (len > maxlen)
+		return SSH_ERR_INVALID_FORMAT;
+	/* can strdup() because it's definitely nul-terminated */
+	if ((val = strdup(sshbuf_ptr(buf))) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+	if ((r = sshbuf_consume(buf, len + 1)) != 0)
+		goto out;
+	/* success */
+	r = 0;
+	if (valp != NULL) {
+		*valp = val;
+		val = NULL;
+	}
+	if (lenp != NULL)
+		*lenp = len;
+ out:
+	free(val);
+	return r;
+}
diff --git a/sshbuf.h b/sshbuf.h
index 0c82f120c..8c18ded02 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf.h,v 1.32 2025/09/02 09:41:23 djm Exp $	*/
+/*	$OpenBSD: sshbuf.h,v 1.33 2025/11/21 01:29:06 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -229,6 +229,10 @@ int	sshbuf_put_ec_pkey(struct sshbuf *buf, EVP_PKEY *pkey);
 # endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 
+/* Functions to extract or store various non-SSH wire encoded values */
+int	sshbuf_get_nulterminated_string(struct sshbuf *buf, size_t maxlen,
+	    char **valp, size_t *lenp);
+
 /* Dump the contents of the buffer in a human-readable format */
 void	sshbuf_dump(const struct sshbuf *buf, FILE *f);
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.