[PATCH] Fixes null pointer dereference in do_setup_env().
Jubin Zhong
zhongjubin at huawei.com
Sat Nov 28 13:05:00 AEDT 2020
There is a wrong usage of strchr() in openssh. strchr() shall return a
null pointer if the char was not found. Check whether return value is
NULL instead of dereferencing it.
Signed-off-by: Jubin Zhong <zhongjubin at huawei.com>
---
session.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/session.c b/session.c
index b25cbca..9e9d5fe 100644
--- a/session.c
+++ b/session.c
@@ -1105,7 +1105,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
for (n = 0 ; n < auth_opts->nenv; n++) {
ocp = xstrdup(auth_opts->env[n]);
cp = strchr(ocp, '=');
- if (*cp == '=') {
+ if (cp != NULL) {
*cp = '\0';
/* Apply PermitUserEnvironment allowlist */
if (options.permit_user_env_allowlist == NULL ||
--
1.8.5.6
More information about the openssh-unix-dev
mailing list