diff options
| -rw-r--r-- | usr.bin/ssh/auth.c | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/auth2-none.c | 11 | ||||
| -rw-r--r-- | usr.bin/ssh/authfile.c | 16 | ||||
| -rw-r--r-- | usr.bin/ssh/channels.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/monitor.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/monitor_mm.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/packet.c | 12 | ||||
| -rw-r--r-- | usr.bin/ssh/packet.h | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/progressmeter.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/session.c | 5 |
10 files changed, 41 insertions, 29 deletions
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index 544d6321e76..404e850c047 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.52 2004/05/08 00:01:37 deraadt Exp $"); +RCSID("$OpenBSD: auth.c,v 1.53 2004/05/11 19:01:43 deraadt Exp $"); #include <libgen.h> @@ -473,8 +473,8 @@ fakepw(void) fake.pw_passwd = "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; fake.pw_gecos = "NOUSER"; - fake.pw_uid = -1; - fake.pw_gid = -1; + fake.pw_uid = (uid_t)-1; + fake.pw_gid = (gid_t)-1; fake.pw_class = ""; fake.pw_dir = "/nonexist"; fake.pw_shell = "/nonexist"; diff --git a/usr.bin/ssh/auth2-none.c b/usr.bin/ssh/auth2-none.c index 58df8d33b09..2a4680578cb 100644 --- a/usr.bin/ssh/auth2-none.c +++ b/usr.bin/ssh/auth2-none.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2-none.c,v 1.6 2003/08/26 09:58:43 markus Exp $"); +RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $"); #include "auth.h" #include "xmalloc.h" @@ -46,7 +46,7 @@ auth2_read_banner(void) { struct stat st; char *banner = NULL; - off_t len, n; + size_t len, n; int fd; if ((fd = open(options.banner, O_RDONLY)) == -1) @@ -55,7 +55,12 @@ auth2_read_banner(void) close(fd); return (NULL); } - len = st.st_size; + if (st.st_size > 1*1024*1024) { + close(fd); + return (NULL); + } + + len = (size_t)st.st_size; /* truncate */ banner = xmalloc(len + 1); n = atomicio(read, fd, banner, len); close(fd); diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c index a7174398343..cbe9f4fbbac 100644 --- a/usr.bin/ssh/authfile.c +++ b/usr.bin/ssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.55 2003/09/18 07:56:05 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.56 2004/05/11 19:01:43 deraadt Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -236,14 +236,16 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) struct stat st; char *cp; int i; - off_t len; + size_t len; if (fstat(fd, &st) < 0) { error("fstat for key file %.200s failed: %.100s", filename, strerror(errno)); return NULL; } - len = st.st_size; + if (st.st_size > 1*1024*1024) + close(fd); + len = (size_t)st.st_size; /* truncated */ buffer_init(&buffer); cp = buffer_append_space(&buffer, len); @@ -318,7 +320,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { int i, check1, check2, cipher_type; - off_t len; + size_t len; Buffer buffer, decrypted; u_char *cp; CipherContext ciphercontext; @@ -332,7 +334,11 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, close(fd); return NULL; } - len = st.st_size; + if (st.st_size > 1*1024*1024) { + close(fd); + return (NULL); + } + len = (size_t)st.st_size; /* truncated */ buffer_init(&buffer); cp = buffer_append_space(&buffer, len); diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index 8bc5f081d2b..450444dbcb8 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.200 2004/01/19 09:24:21 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.201 2004/05/11 19:01:43 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1030,7 +1030,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) buffer_get(&c->input, (char *)&dest_port, 2); dest_addr[addrlen] = '\0'; if (s5_req.atyp == SSH_SOCKS5_DOMAIN) - strlcpy(c->path, dest_addr, sizeof(c->path)); + strlcpy(c->path, (char *)dest_addr, sizeof(c->path)); else if (inet_ntop(af, dest_addr, c->path, sizeof(c->path)) == NULL) return -1; c->host_port = ntohs(dest_port); diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index 9809e322699..23ab6f24960 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.56 2004/05/09 01:19:27 djm Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.57 2004/05/11 19:01:43 deraadt Exp $"); #include <openssl/dh.h> @@ -1300,7 +1300,7 @@ mm_answer_term(int socket, Buffer *req) res = WIFEXITED(status) ? WEXITSTATUS(status) : 1; /* Terminate process */ - exit (res); + exit(res); } void diff --git a/usr.bin/ssh/monitor_mm.c b/usr.bin/ssh/monitor_mm.c index 6eb84041a25..db722e1ae2d 100644 --- a/usr.bin/ssh/monitor_mm.c +++ b/usr.bin/ssh/monitor_mm.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor_mm.c,v 1.8 2002/08/02 14:43:15 millert Exp $"); +RCSID("$OpenBSD: monitor_mm.c,v 1.9 2004/05/11 19:01:43 deraadt Exp $"); #include <sys/mman.h> @@ -90,7 +90,7 @@ mm_create(struct mm_master *mmalloc, size_t size) mm->mmalloc = mmalloc; address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, - -1, 0); + -1, (off_t)0); if (address == MAP_FAILED) fatal("mmap(%lu): %s", (u_long)size, strerror(errno)); diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index bdc7f5e73cb..107930a3a08 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.112 2003/09/23 20:17:11 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.113 2004/05/11 19:01:43 deraadt Exp $"); #include <sys/queue.h> @@ -154,8 +154,10 @@ packet_set_connection(int fd_in, int fd_out) fatal("packet_set_connection: cannot load cipher 'none'"); connection_in = fd_in; connection_out = fd_out; - cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT); - cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT); + cipher_init(&send_context, none, (const u_char *)"", + 0, NULL, 0, CIPHER_ENCRYPT); + cipher_init(&receive_context, none, (const u_char *)"", + 0, NULL, 0, CIPHER_DECRYPT); newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; if (!initialized) { initialized = 1; @@ -1441,7 +1443,7 @@ packet_is_interactive(void) return interactive_mode; } -u_int +int packet_set_maxsize(u_int s) { static int called = 0; @@ -1495,7 +1497,7 @@ packet_send_ignore(int nbytes) } } -#define MAX_PACKETS (1<<31) +#define MAX_PACKETS (1U<<31) int packet_need_rekeying(void) { diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h index 7732fafb71f..37f82f2f603 100644 --- a/usr.bin/ssh/packet.h +++ b/usr.bin/ssh/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.40 2003/06/24 08:23:46 markus Exp $ */ +/* $OpenBSD: packet.h,v 1.41 2004/05/11 19:01:43 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -82,7 +82,7 @@ void tty_make_modes(int, struct termios *); void tty_parse_modes(int, int *); extern u_int max_packet_size; -u_int packet_set_maxsize(u_int); +int packet_set_maxsize(u_int); #define packet_get_maxsize() max_packet_size /* don't allow remaining bytes after the end of the message */ diff --git a/usr.bin/ssh/progressmeter.c b/usr.bin/ssh/progressmeter.c index 31adde2964f..8b1b8859a8c 100644 --- a/usr.bin/ssh/progressmeter.c +++ b/usr.bin/ssh/progressmeter.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: progressmeter.c,v 1.19 2004/02/05 15:33:33 markus Exp $"); +RCSID("$OpenBSD: progressmeter.c,v 1.20 2004/05/11 19:01:43 deraadt Exp $"); #include "progressmeter.h" #include "atomicio.h" @@ -166,7 +166,7 @@ refresh_progress_meter(void) /* bandwidth usage */ format_rate(buf + strlen(buf), win_size - strlen(buf), - bytes_per_second); + (off_t)bytes_per_second); strlcat(buf, "/s ", win_size); /* ETA */ diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index 5217e17b707..116c6b9488e 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.174 2004/05/09 01:19:28 djm Exp $"); +RCSID("$OpenBSD: session.c,v 1.175 2004/05/11 19:01:43 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -1506,9 +1506,8 @@ session_exec_req(Session *s) static int session_break_req(Session *s) { - u_int break_length; - break_length = packet_get_int(); /* ignored */ + packet_get_int(); /* ignored */ packet_check_eom(); if (s->ttyfd == -1 || |