summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sftp-client.c
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2006-03-25 01:13:24 +0000
committerDamien Miller <djm@cvs.openbsd.org>2006-03-25 01:13:24 +0000
commit9a8aaa01f21a60e2f5f372b9722e363b36254df9 (patch)
tree2f9a74072ee701d5c60ccf0b6c31f22ac1be3a57 /usr.bin/ssh/sftp-client.c
parent2deaa1649526d4ce68eed29e66d89d32fea75950 (diff)
change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to
xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@
Diffstat (limited to 'usr.bin/ssh/sftp-client.c')
-rw-r--r--usr.bin/ssh/sftp-client.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/usr.bin/ssh/sftp-client.c b/usr.bin/ssh/sftp-client.c
index 82ae32900b9..46f1ab554fd 100644
--- a/usr.bin/ssh/sftp-client.c
+++ b/usr.bin/ssh/sftp-client.c
@@ -389,8 +389,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
printf("%s\n", longname);
if (dir) {
- *dir = xrealloc(*dir, sizeof(**dir) *
- (ents + 2));
+ *dir = xrealloc(*dir, ents + 2, sizeof(**dir));
(*dir)[ents] = xmalloc(sizeof(***dir));
(*dir)[ents]->filename = xstrdup(filename);
(*dir)[ents]->longname = xstrdup(longname);
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-04 05:23:28 +0000