diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-03-22 15:23:38 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-03-22 15:23:38 +0000 |
commit | 0c79dacc8a8d4de2455d61c51724866f667ba53c (patch) | |
tree | 5186034782b608fd13a7408b5852ad248f6bdc35 /session.c | |
parent | 02d4c2ac3daa0f36264392972709ccd7676ab3e8 (diff) | |
download | src-0c79dacc8a8d4de2455d61c51724866f667ba53c.tar.gz src-0c79dacc8a8d4de2455d61c51724866f667ba53c.zip |
Vendor import of OpenSSH 6.6p1.vendor/openssh/6.6p1
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=263635
svn path=/vendor-crypto/openssh/6.6p1/; revision=263636; tag=vendor/openssh/6.6p1
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/session.c b/session.c index 12dd9ab102be..2bcf8185ce0e 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.269 2014/01/18 09:36:26 dtucker Exp $ */ +/* $OpenBSD: session.c,v 1.270 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -978,6 +978,11 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, u_int envsize; u_int i, namelen; + if (strchr(name, '=') != NULL) { + error("Invalid environment variable \"%.100s\"", name); + return; + } + /* * If we're passed an uninitialized list, allocate a single null * entry before continuing. @@ -1889,7 +1894,7 @@ session_unused(int id) fatal("%s: insane session id %d (max %d nalloc %d)", __func__, id, options.max_sessions, sessions_nalloc); } - bzero(&sessions[id], sizeof(*sessions)); + memset(&sessions[id], 0, sizeof(*sessions)); sessions[id].self = id; sessions[id].used = 0; sessions[id].chanid = -1; @@ -2225,8 +2230,8 @@ session_env_req(Session *s) char *name, *val; u_int name_len, val_len, i; - name = packet_get_string(&name_len); - val = packet_get_string(&val_len); + name = packet_get_cstring(&name_len); + val = packet_get_cstring(&val_len); packet_check_eom(); /* Don't set too many environment variables */ |