summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2006-03-28 01:52:29 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2006-03-28 01:52:29 +0000
commit3d35ab0f8db9d8c8c9a6781be654e4334530ab22 (patch)
treec79ee64e7839b9007a42cc0e1fc4fda8d0696a52
parenta767f1607d21cb3fa5c28c8c154aeeacf50992a2 (diff)
do not accept unreasonable X ports numbers; ok djm
-rw-r--r--usr.bin/ssh/channels.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 03d81a03105..b55fb69b557 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.247 2006/03/25 18:58:10 deraadt Exp $ */
+/* $OpenBSD: channels.c,v 1.248 2006/03/28 01:52:28 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2852,12 +2852,12 @@ connect_local_xsocket(u_int dnr)
int
x11_connect_display(void)
{
- int display_number, sock = 0;
+ u_int display_number;
const char *display;
char buf[1024], *cp;
struct addrinfo hints, *ai, *aitop;
char strport[NI_MAXSERV];
- int gaierr;
+ int gaierr, sock = 0;
/* Try to open a socket for the local X server. */
display = getenv("DISPLAY");
@@ -2877,7 +2877,7 @@ x11_connect_display(void)
if (strncmp(display, "unix:", 5) == 0 ||
display[0] == ':') {
/* Connect to the unix domain socket. */
- if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) {
+ if (sscanf(strrchr(display, ':') + 1, "%u", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
return -1;
@@ -2902,7 +2902,7 @@ x11_connect_display(void)
}
*cp = 0;
/* buf now contains the host name. But first we parse the display number. */
- if (sscanf(cp + 1, "%d", &display_number) != 1) {
+ if (sscanf(cp + 1, "%u", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
return -1;
@@ -2912,7 +2912,7 @@ x11_connect_display(void)
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
- snprintf(strport, sizeof strport, "%d", 6000 + display_number);
+ snprintf(strport, sizeof strport, "%u", 6000 + display_number);
if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
error("%.100s: unknown host. (%s)", buf, gai_strerror(gaierr));
return -1;
@@ -2926,7 +2926,7 @@ x11_connect_display(void)
}
/* Connect it to the display. */
if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
- debug2("connect %.100s port %d: %.100s", buf,
+ debug2("connect %.100s port %u: %.100s", buf,
6000 + display_number, strerror(errno));
close(sock);
continue;
@@ -2936,7 +2936,7 @@ x11_connect_display(void)
}
freeaddrinfo(aitop);
if (!ai) {
- error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
+ error("connect %.100s port %u: %.100s", buf, 6000 + display_number,
strerror(errno));
return -1;
}