diff options
| author | des <des@FreeBSD.org> | 2016-03-12 23:53:20 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2016-03-12 23:53:20 +0000 |
| commit | 629436fac8d85a5c231a09fdc142b64f3d6b0de4 (patch) | |
| tree | 1d80569f877f044481a89257a41345cacf910c22 /crypto/openssh/sftp-server.c | |
| parent | 976f44ffb6fcd46b126d64871bc40d47ed7a3814 (diff) | |
| download | FreeBSD-src-629436fac8d85a5c231a09fdc142b64f3d6b0de4.zip FreeBSD-src-629436fac8d85a5c231a09fdc142b64f3d6b0de4.tar.gz | |
MFH (r296633): upgrade to 7.2p2 (fixes xauth command injection bug)
MFH (r296634): re-add aes-cbc to server-side default cipher list
MFH (r296651, r296657): fix gcc build of pam_ssh
PR: 207679
Security: CVE-2016-3115
Diffstat (limited to 'crypto/openssh/sftp-server.c')
| -rw-r--r-- | crypto/openssh/sftp-server.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index eac11d7..e11a1b8 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.107 2015/08/20 22:32:42 deraadt Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.109 2016/02/15 09:47:49 dtucker Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1513,6 +1513,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) extern char *optarg; extern char *__progname; + ssh_malloc_init(); /* must be called before any mallocs */ __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); @@ -1598,6 +1599,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) fatal("unable to make the process undumpable"); #endif /* defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) */ + /* Drop any fine-grained privileges we don't need */ + platform_pledge_sftp_server(); + if ((cp = getenv("SSH_CONNECTION")) != NULL) { client_addr = xstrdup(cp); if ((cp = strchr(client_addr, ' ')) == NULL) { @@ -1631,9 +1635,8 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) if ((oqueue = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); - set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); - rset = xmalloc(set_size); - wset = xmalloc(set_size); + rset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask)); + wset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask)); if (homedir != NULL) { if (chdir(homedir) != 0) { @@ -1642,6 +1645,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) } } + set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); for (;;) { memset(rset, 0, set_size); memset(wset, 0, set_size); |
