lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-07 08:02:55 +03:00
Code Activity

examples: Avoid buffer overrun

Browse Source 
and provide helpful warning message

CID 1533680:  Memory - illegal accesses  (OVERRUN)

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2024-01-26 15:06:17 +01:00
parent a8b7e17aa0
commit 5dd42dfa22
1 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
examples/ssh_server.c
View File

@@ -531,6 +531,14 @@ static int auth_publickey(ssh_session session,
} }
} }
if (i >= AUTH_KEYS_MAX_LINE_SIZE) {
fprintf(stderr,
"warning: The line %d in %s too long! Skipping.\n",
lineno,
authorizedkeys);
continue;
}
if (p[i] == '#' || p[i] == '\0' || p[i] == '\n') { if (p[i] == '#' || p[i] == '\0' || p[i] == '\n') {
continue; continue;
} }
@@ -545,7 +553,16 @@ static int auth_publickey(ssh_session session,
type = ssh_key_type_from_name(q); type = ssh_key_type_from_name(q);
q = &p[i + 1]; i++;
if (i >= AUTH_KEYS_MAX_LINE_SIZE) {
fprintf(stderr,
"warning: The line %d in %s too long! Skipping.\n",
lineno,
authorizedkeys);
continue;
}
q = &p[i];
for (; i < AUTH_KEYS_MAX_LINE_SIZE; i++) { for (; i < AUTH_KEYS_MAX_LINE_SIZE; i++) {
if (isspace((int)p[i])) { if (isspace((int)p[i])) {
p[i] = '\0'; p[i] = '\0';