diff options
| author | Jacques Vidrine <nectar@FreeBSD.org> | 2003-09-16 17:51:06 +0000 |
|---|---|---|
| committer | Jacques Vidrine <nectar@FreeBSD.org> | 2003-09-16 17:51:06 +0000 |
| commit | 2a7db4f2b114022bac421ea8ad9e6388d2c1cb2e (patch) | |
| tree | 2bdc8c10b1e2879c208e8834aa691e55cecb9db9 | |
| parent | 8fd1c8b69a2aa11f40d164722cc0f0da4967b082 (diff) | |
| download | src-2a7db4f2b114022bac421ea8ad9e6388d2c1cb2e.tar.gz src-2a7db4f2b114022bac421ea8ad9e6388d2c1cb2e.zip | |
MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to
reallocate associated memory.
Notes
Notes:
svn path=/releng/4.4/; revision=120133
| -rw-r--r-- | UPDATING | 3 | ||||
| -rw-r--r-- | crypto/openssh/buffer.c | 10 | ||||
| -rw-r--r-- | crypto/openssh/version.h | 2 | ||||
| -rw-r--r-- | sys/conf/newvers.sh | 2 |
4 files changed, 13 insertions, 4 deletions
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20030916: p40 FreeBSD-SA-03:12.openssh + OpenSSH oversized packet buffer handling corrected. + 20030810: p39 FreeBSD-SA-03:10.iBCS2 iBCS2 system call translator for statfs leaked information. diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index d993c8bcdef8..f7dc45eb9ef0 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -69,6 +69,8 @@ buffer_append(Buffer *buffer, const char *data, unsigned int len) void buffer_append_space(Buffer *buffer, char **datap, unsigned int len) { + u_int newlen; + /* If the buffer is empty, start using it from the beginning. */ if (buffer->offset == buffer->end) { buffer->offset = 0; @@ -93,8 +95,12 @@ restart: goto restart; } /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - buffer->buf = xrealloc(buffer->buf, buffer->alloc); + newlen = buffer->alloc + len + 32768; + if (newlen > 0xa00000) + fatal("buffer_append_space: alloc %u not supported", + newlen); + buffer->buf = xrealloc(buffer->buf, newlen); + buffer->alloc = newlen; goto restart; } diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index ac6fade2655b..72d95abc25c5 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,4 +1,4 @@ /* $FreeBSD$ */ /* $OpenBSD: version.h,v 1.13 2000/10/16 09:38:45 djm Exp $ */ -#define SSH_VERSION "OpenSSH_2.3.0 FreeBSD localisations 20020307" +#define SSH_VERSION "OpenSSH_2.3.0 FreeBSD localisations 20030916" diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index ca15e7ce1c46..289751f7883b 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.4" -BRANCH="RELEASE-p39" +BRANCH="RELEASE-p40" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |