diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2007-11-03 01:24:07 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2007-11-03 01:24:07 +0000 |
commit | 83d6d110b2c36debd99e91e5e48492b4d0943431 (patch) | |
tree | 88dc4ec37f3f12ac142dbab1a1ec96d200486406 /usr.bin/ssh/ssh.c | |
parent | ec960274575d160b2df051611097a9ba5e71335b (diff) |
bz #1377: getpwuid results were being clobbered by another getpw* call
inside tilde_expand_filename(); save the data we need carefully
ok djm
Diffstat (limited to 'usr.bin/ssh/ssh.c')
-rw-r--r-- | usr.bin/ssh/ssh.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 2e8be6ca954..d575f2ee552 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.305 2007/10/29 06:54:50 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.306 2007/11/03 01:24:06 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1211,6 +1211,7 @@ static void load_public_identity_files(void) { char *filename, *cp, thishost[NI_MAXHOST]; + char *pwdir = NULL, *pwname = NULL; int i = 0; Key *public; struct passwd *pw; @@ -1239,14 +1240,16 @@ load_public_identity_files(void) #endif /* SMARTCARD */ if ((pw = getpwuid(original_real_uid)) == NULL) fatal("load_public_identity_files: getpwuid failed"); + pwname = strdup(pw->pw_name); + pwdir = strdup(pw->pw_dir); if (gethostname(thishost, sizeof(thishost)) == -1) fatal("load_public_identity_files: gethostname: %s", strerror(errno)); for (; i < options.num_identity_files; i++) { cp = tilde_expand_filename(options.identity_files[i], original_real_uid); - filename = percent_expand(cp, "d", pw->pw_dir, - "u", pw->pw_name, "l", thishost, "h", host, + filename = percent_expand(cp, "d", pwdir, + "u", pwname, "l", thishost, "h", host, "r", options.user, (char *)NULL); xfree(cp); public = key_load_public(filename, NULL); @@ -1256,6 +1259,10 @@ load_public_identity_files(void) options.identity_files[i] = filename; options.identity_keys[i] = public; } + bzero(pwname, strlen(pwname)); + free(pwname); + bzero(pwdir, strlen(pwdir)); + free(pwdir); } static void |