summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/ssh.c
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2007-11-03 01:24:07 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2007-11-03 01:24:07 +0000
commit83d6d110b2c36debd99e91e5e48492b4d0943431 (patch)
tree88dc4ec37f3f12ac142dbab1a1ec96d200486406 /usr.bin/ssh/ssh.c
parentec960274575d160b2df051611097a9ba5e71335b (diff)
bz #1377: getpwuid results were being clobbered by another getpw* call
inside tilde_expand_filename(); save the data we need carefully ok djm
Diffstat (limited to 'usr.bin/ssh/ssh.c')
-rw-r--r--usr.bin/ssh/ssh.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 2e8be6ca954..d575f2ee552 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.305 2007/10/29 06:54:50 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.306 2007/11/03 01:24:06 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1211,6 +1211,7 @@ static void
load_public_identity_files(void)
{
char *filename, *cp, thishost[NI_MAXHOST];
+ char *pwdir = NULL, *pwname = NULL;
int i = 0;
Key *public;
struct passwd *pw;
@@ -1239,14 +1240,16 @@ load_public_identity_files(void)
#endif /* SMARTCARD */
if ((pw = getpwuid(original_real_uid)) == NULL)
fatal("load_public_identity_files: getpwuid failed");
+ pwname = strdup(pw->pw_name);
+ pwdir = strdup(pw->pw_dir);
if (gethostname(thishost, sizeof(thishost)) == -1)
fatal("load_public_identity_files: gethostname: %s",
strerror(errno));
for (; i < options.num_identity_files; i++) {
cp = tilde_expand_filename(options.identity_files[i],
original_real_uid);
- filename = percent_expand(cp, "d", pw->pw_dir,
- "u", pw->pw_name, "l", thishost, "h", host,
+ filename = percent_expand(cp, "d", pwdir,
+ "u", pwname, "l", thishost, "h", host,
"r", options.user, (char *)NULL);
xfree(cp);
public = key_load_public(filename, NULL);
@@ -1256,6 +1259,10 @@ load_public_identity_files(void)
options.identity_files[i] = filename;
options.identity_keys[i] = public;
}
+ bzero(pwname, strlen(pwname));
+ free(pwname);
+ bzero(pwdir, strlen(pwdir));
+ free(pwdir);
}
static void