author | Damien Miller <djm@cvs.openbsd.org> | 2024-09-24 02:28:18 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2024-09-24 02:28:18 +0000 |
commit | 65e272b10fb89ecac630b44a8757def6fdf585a0 (patch) | |
tree | 79fad31abf388d94434136efaa0e1a4096329bef /usr.bin/ssh | |
parent | cc005793dfcdcbdae04b686c9efe90876bfc8a16 (diff) |
some extra paranoia, reminded by jsg@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 1b4c9650055..dbbaf3192ca 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.306 2024/03/09 05:12:13 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.307 2024/09/24 02:28:17 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1690,6 +1690,10 @@ process_ext_session_bind(SocketEntry *e)
 error_fr(r, "parse");
 goto out;
 }
+ if (sshbuf_len(sid) > AGENT_MAX_SID_LEN) {
+ error_f("session ID too long");
+ goto out;
+ }
 if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT,
 SSH_FP_DEFAULT)) == NULL)
 fatal_f("fingerprint failed");
|
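Review bot: The new length check in process_ext_session_bind jumps to `out` without assigning `r`, unlike the parse-failure branch just above it, where `r` already holds the error that is passed to `error_fr`. By this point the parse has succeeded, so `r` is presumably 0; if the `out:` path (outside this hunk) derives the function's result from `r`, an over-long session ID would be logged as an error yet reported to the client as success. Setting an error first, e.g. `r = SSH_ERR_INVALID_FORMAT;` before the `goto out;`, would make the rejection explicit. The function's declarations and its `out:` label are outside the hunk, so this should be confirmed against the full body.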