| 1 |
vapier 08/11/03 08:47:42 |
| 2 |
|
| 3 |
Added: openssh-5.1_p1-null-banner.patch |
| 4 |
openssh-5.1_p1-escaped-banner.patch |
| 5 |
Log: |
| 6 |
Fix some issues with printing of banners #244222 by Michał Górny. |
| 7 |
(Portage version: 2.2_rc13/cvs/Linux 2.6.27.4 x86_64) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 net-misc/openssh/files/openssh-5.1_p1-null-banner.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-5.1_p1-null-banner.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-5.1_p1-null-banner.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: openssh-5.1_p1-null-banner.patch |
| 16 |
=================================================================== |
| 17 |
apply fixes from upstream for empty banner |
| 18 |
|
| 19 |
https://bugzilla.mindrot.org/show_bug.cgi?id=1496 |
| 20 |
http://bugs.gentoo.org/244222 |
| 21 |
|
| 22 |
---------------------------- |
| 23 |
revision 1.168 |
| 24 |
date: 2008/10/03 23:56:28; author: deraadt; state: Exp; lines: +3 -3 |
| 25 |
Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the |
| 26 |
function. |
| 27 |
spotted by des@freebsd, who commited an incorrect fix to the freebsd tree |
| 28 |
and (as is fairly typical) did not report the problem to us. But this fix |
| 29 |
is correct. |
| 30 |
ok djm |
| 31 |
---------------------------- |
| 32 |
revision 1.167 |
| 33 |
date: 2008/07/31 14:48:28; author: markus; state: Exp; lines: +2 -2 |
| 34 |
don't allocate space for empty banners; report t8m at centrum.cz; ok deraadt |
| 35 |
--- src/usr.bin/ssh/sshconnect2.c 2008/07/17 09:48:00 1.166 |
| 36 |
+++ src/usr.bin/ssh/sshconnect2.c 2008/10/04 00:56:28 1.168 |
| 37 |
@@ -377,11 +377,11 @@ input_userauth_banner(int type, u_int32_t seq, void *c |
| 38 |
debug3("input_userauth_banner"); |
| 39 |
raw = packet_get_string(&len); |
| 40 |
lang = packet_get_string(NULL); |
| 41 |
- if (options.log_level >= SYSLOG_LEVEL_INFO) { |
| 42 |
+ if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) { |
| 43 |
if (len > 65536) |
| 44 |
len = 65536; |
| 45 |
- msg = xmalloc(len * 4); /* max expansion from strnvis() */ |
| 46 |
- strnvis(msg, raw, len * 4, VIS_SAFE|VIS_OCTAL); |
| 47 |
+ msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ |
| 48 |
+ strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL); |
| 49 |
fprintf(stderr, "%s", msg); |
| 50 |
xfree(msg); |
| 51 |
} |
| 52 |
|
| 53 |
|
| 54 |
|
| 55 |
1.1 net-misc/openssh/files/openssh-5.1_p1-escaped-banner.patch |
| 56 |
|
| 57 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-5.1_p1-escaped-banner.patch?rev=1.1&view=markup |
| 58 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/openssh/files/openssh-5.1_p1-escaped-banner.patch?rev=1.1&content-type=text/plain |
| 59 |
|
| 60 |
Index: openssh-5.1_p1-escaped-banner.patch |
| 61 |
=================================================================== |
| 62 |
don't escape the banner output |
| 63 |
|
| 64 |
http://bugs.gentoo.org/244222 |
| 65 |
https://bugzilla.mindrot.org/show_bug.cgi?id=1533 |
| 66 |
|
| 67 |
fix by Michał Górny <mgorny.3ehbo@××××××××.com> |
| 68 |
|
| 69 |
--- sshconnect2.c |
| 70 |
+++ sshconnect2.c |
| 71 |
@@ -415,7 +415,7 @@ input_userauth_banner(int type, u_int32_t seq, void *ctxt) |
| 72 |
if (len > 65536) |
| 73 |
len = 65536; |
| 74 |
msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ |
| 75 |
- strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL); |
| 76 |
+ strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); |
| 77 |
fprintf(stderr, "%s", msg); |
| 78 |
xfree(msg); |
| 79 |
} |
Archives