OpenSSH-2.1.1p2: Is this misuse of strtok?

Damien Miller djm at mindrot.org
Sat Jul 8 10:39:16 EST 2000


On Wed, 5 Jul 2000, Chan Shih-Ping Richard wrote:

> Is this a misuse of strtok() in OpenSSH-2.1.1p2?

Yes.

The error is pretty harmless - it will cause garbage at the end of 
"Protocol" lines to be ignored.

Markus - is this worth fixing?

--d

> readconf.c:process_config_line() calls strtok() to
> parse config lines. When it finds oProtocol it calls
> compat.c:proto_spec() which in turns uses strtok().
> 
> However on return of proto_spec(),  process_config_line() calls
> strtok() once more to (quoting from the source code)
> 	/* Check that there is no garbage at end of line. */
> 
> But surely strtok() is being called with the context established
> by proto_spec() rather than the original context.
> 
> A similar problem seems to occur in servconf.c.
> 
> 
> 

-- 
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)








More information about the openssh-unix-dev mailing list