[openssh-commits] [openssh] 02/03: upstream: Fix potential 1-byte array overrun

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Mar 11 21:08:31 AEDT 2026


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 24168275e6d0b29cf2233c3f2c1d4a4614feb582
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Wed Mar 11 09:04:17 2026 +0000

    upstream: Fix potential 1-byte array overrun
    
    in the case where read() returns exactly 100 bytes.  Flagged by Coverity
    CID 901296, ok djm@
    
    OpenBSD-Commit-ID: 66a96b08166e63dcbeed00297c33f09c4f22c1f7
---
 ssh-sk-client.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssh-sk-client.c b/ssh-sk-client.c
index c5f837e26..3c603c0e0 100644
--- a/ssh-sk-client.c
+++ b/ssh-sk-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk-client.c,v 1.16 2026/03/10 03:45:01 deraadt Exp $ */
+/* $OpenBSD: ssh-sk-client.c,v 1.17 2026/03/11 09:04:17 dtucker Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -113,7 +113,7 @@ start_helper(int *fdp, pid_t *pidp, void (**osigchldp)(int))
 	n = read(execpipe[0], execbuf, sizeof execbuf);
 	close(execpipe[0]);
 	if (n > 0) {
-		execbuf[n] = '\0';
+		execbuf[n - 1] = '\0';
 		error_f("%s", execbuf);
 		return SSH_ERR_AGENT_FAILURE;
 	}
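Review bot: at `execbuf[n - 1] = '\0';` the terminator now overwrites the last byte read() returned for every n > 0, not only when n equals `sizeof execbuf`, so the message passed to error_f() always loses its final character. That is harmless if the last byte is always a newline, but nothing in the visible lines guarantees it. Consider reading at most `sizeof execbuf - 1` bytes and keeping `execbuf[n] = '\0'`, which closes the 1-byte overrun without dropping data. If the truncation is intentional, a short comment saying so would help the next reader.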

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

