diff options
Diffstat (limited to 'crypto/openssh/channels.c')
| -rw-r--r-- | crypto/openssh/channels.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index ffff261..73e8896 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.328 2013/12/19 01:04:36 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.331 2014/02/26 20:29:29 djm Exp $ */ /* $FreeBSD$ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -430,7 +430,7 @@ channel_free(Channel *c) if (cc->abandon_cb != NULL) cc->abandon_cb(c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } if (c->filter_cleanup != NULL && c->filter_ctx != NULL) @@ -1114,6 +1114,9 @@ channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset) buffer_get(&c->input, (char *)&s4_req.dest_addr, 4); have = buffer_len(&c->input); p = buffer_ptr(&c->input); + if (memchr(p, '\0', have) == NULL) + fatal("channel %d: decode socks4: user not nul terminated", + c->self); len = strlen(p); debug2("channel %d: decode socks4: user %s/%d", c->self, p, len); len++; /* trailing '\0' */ @@ -1428,7 +1431,7 @@ port_open_helper(Channel *c, char *rtype) int direct; char buf[1024]; char *local_ipaddr = get_local_ipaddr(c->sock); - int local_port = get_sock_port(c->sock, 1); + int local_port = c->sock == -1 ? 65536 : get_sock_port(c->sock, 1); char *remote_ipaddr = get_peer_ipaddr(c->sock); int remote_port = get_peer_port(c->sock); @@ -2724,7 +2727,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) return; cc->cb(type, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } @@ -3373,9 +3376,7 @@ channel_connect_ctx_free(struct channel_connect *cctx) free(cctx->host); if (cctx->aitop) freeaddrinfo(cctx->aitop); - bzero(cctx, sizeof(*cctx)); - cctx->host = NULL; - cctx->ai = cctx->aitop = NULL; + memset(cctx, 0, sizeof(*cctx)); } /* Return CONNECTING channel to remote host, port */ |
