OpenSSH-2.1.1p2: Is this misuse of strtok?
Chan Shih-Ping Richard
cshihpin at dso.org.sg
Wed Jul 5 19:25:28 EST 2000
Is this a misuse of strtok() in OpenSSH-2.1.1p2?
readconf.c:process_config_line() calls strtok() to
parse config lines. When it finds oProtocol it calls
compat.c:proto_spec() which in turns uses strtok().
However on return of proto_spec(), process_config_line() calls
strtok() once more to (quoting from the source code)
/* Check that there is no garbage at end of line. */
But surely strtok() is being called with the context established
by proto_spec() rather than the original context.
A similar problem seems to occur in servconf.c.
--
Chan Shih-Ping (Richard) <cshihpin at dso.org.sg>
DSO National Laboratories
20 Science Park Drive
Singapore 118230
More information about the openssh-unix-dev
mailing list