diff options
Diffstat (limited to 'crypto/openssh/bufaux.c')
-rw-r--r-- | crypto/openssh/bufaux.c | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c index cd9a35d..4ef19c4 100644 --- a/crypto/openssh/bufaux.c +++ b/crypto/openssh/bufaux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.46 2008/06/10 23:21:34 dtucker Exp $ */ +/* $OpenBSD: bufaux.c,v 1.48 2010/02/02 22:49:34 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -166,7 +166,10 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr) u_int len; /* Get the length. */ - len = buffer_get_int(buffer); + if (buffer_get_int_ret(&len, buffer) != 0) { + error("buffer_get_string_ret: cannot extract length"); + return (NULL); + } if (len > 256 * 1024) { error("buffer_get_string_ret: bad string length %u", len); return (NULL); @@ -198,14 +201,17 @@ buffer_get_string(Buffer *buffer, u_int *length_ptr) } void * -buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr) +buffer_get_string_ptr_ret(Buffer *buffer, u_int *length_ptr) { void *ptr; u_int len; - len = buffer_get_int(buffer); - if (len > 256 * 1024) - fatal("buffer_get_string_ptr: bad string length %u", len); + if (buffer_get_int_ret(&len, buffer) != 0) + return NULL; + if (len > 256 * 1024) { + error("buffer_get_string_ptr: bad string length %u", len); + return NULL; + } ptr = buffer_ptr(buffer); buffer_consume(buffer, len); if (length_ptr) @@ -213,6 +219,16 @@ buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr) return (ptr); } +void * +buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr) +{ + void *ret; + + if ((ret = buffer_get_string_ptr_ret(buffer, length_ptr)) == NULL) + fatal("buffer_get_string_ptr: buffer error"); + return (ret); +} + /* * Stores and arbitrary binary string in the buffer. */ |