ssh-keyscan: xmalloc out of memory error

dat truong datqtruong at yahoo.com
Sat Jan 26 05:05:22 EST 2002 

Thanks Markus.

-Dat


--- Markus Friedl <markus at openbsd.org> wrote:
> fix in current:
> 
> 
> Index: ssh-keyscan.c
>
===================================================================
> RCS file: /cvs/src/usr.bin/ssh/ssh-keyscan.c,v
> retrieving revision 1.32
> retrieving revision 1.33
> diff -u -r1.32 -r1.33
> --- ssh-keyscan.c	22 Nov 2001 05:27:29 -0000	1.32
> +++ ssh-keyscan.c	10 Dec 2001 20:34:31 -0000	1.33
> @@ -7,7 +7,7 @@
>   */
>  
>  #include "includes.h"
> -RCSID("$OpenBSD: ssh-keyscan.c,v 1.32 2001/11/22
> 05:27:29 stevesk Exp $");
> +RCSID("$OpenBSD: ssh-keyscan.c,v 1.33 2001/12/10
> 20:34:31 markus Exp $");
>  
>  #include <sys/queue.h>
>  #include <errno.h>
> @@ -469,8 +469,9 @@
>  congreet(int s)
>  {
>  	char buf[256], *cp;
> +	char remote_version[sizeof buf];
>  	size_t bufsiz;
> -	int n = 0;
> +	int remote_major, remote_minor, n = 0;
>  	con *c = &fdcon[s];
>  
>  	bufsiz = sizeof(buf);
> @@ -492,20 +493,21 @@
>  		return;
>  	}
>  	*cp = '\0';
> +	if (sscanf(buf, "SSH-%d.%d-%[^\n]\n",
> +	    &remote_major, &remote_minor, remote_version)
> == 3)
> +		compat_datafellows(remote_version);
> +	else
> +		datafellows = 0;
>  	if (c->c_keytype != KT_RSA1) {
> -		int remote_major, remote_minor;
> -		char remote_version[sizeof buf];
> -
> -		if (sscanf(buf, "SSH-%d.%d-%[^\n]\n",
> -		    &remote_major, &remote_minor, remote_version)
> == 3)
> -			compat_datafellows(remote_version);
> -		else
> -			datafellows = 0;
>  		if (!ssh2_capable(remote_major, remote_minor)) {
>  			debug("%s doesn't support ssh2", c->c_name);
>  			confree(s);
>  			return;
>  		}
> +	} else if (remote_major != 1) {
> +		debug("%s doesn't support ssh1", c->c_name);
> +		confree(s);
> +		return;
>  	}
>  	fprintf(stderr, "# %s %s\n", c->c_name,
> chop(buf));
>  	n = snprintf(buf, sizeof buf,
> "SSH-%d.%d-OpenSSH-keyscan\r\n",
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> secureshell-unsubscribe at securityfocus.com
> For additional commands, e-mail:
> secureshell-help at securityfocus.com
> 


__________________________________________________
Do You Yahoo!?
Great stuff seeking new owners in Yahoo! Auctions! 
http://auctions.yahoo.com

More information about the openssh-unix-dev mailing list