Add patch from millert@ based on the IBM security advisory sent to the rootshell list
This commit is contained in:
marc
parent
fdd5f11582
commit
4ccd23ffac
87
security/ssh/patches/patch-ai
Normal file
87
security/ssh/patches/patch-ai
Normal file
@ -0,0 +1,87 @@
|
||||
--- log-server.c.DIST Wed Jul 8 10:40:36 1998
|
||||
+++ log-server.c Sun Nov 1 19:51:47 1998
|
||||
@@ -134,7 +134,7 @@
|
||||
if (log_quiet)
|
||||
return;
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "log: %s\n", buf);
|
||||
@@ -175,7 +175,7 @@
|
||||
if (log_quiet)
|
||||
return;
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "log: %s\n", buf);
|
||||
@@ -191,7 +191,7 @@
|
||||
if (!log_debug || log_quiet)
|
||||
return;
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "debug: %s\n", buf);
|
||||
@@ -207,7 +207,7 @@
|
||||
if (log_quiet)
|
||||
return;
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "error: %s\n", buf);
|
||||
@@ -302,7 +302,7 @@
|
||||
if (log_quiet)
|
||||
exit(1);
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "fatal: %s\n", buf);
|
||||
@@ -321,7 +321,7 @@
|
||||
if (log_quiet)
|
||||
exit(1);
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
if (log_on_stderr)
|
||||
fprintf(stderr, "fatal: %s\n", buf);
|
||||
--- packet.c.DIST Wed Jul 8 10:40:37 1998
|
||||
+++ packet.c Sun Nov 1 19:52:00 1998
|
||||
@@ -693,7 +693,7 @@
|
||||
va_list args;
|
||||
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
|
||||
packet_start(SSH_MSG_DEBUG);
|
||||
@@ -719,7 +719,7 @@
|
||||
/* Format the message. Note that the caller must make sure the message
|
||||
is of limited size. */
|
||||
va_start(args, fmt);
|
||||
- vsprintf(buf, fmt, args);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, args);
|
||||
va_end(args);
|
||||
|
||||
/* Send the disconnect message to the other side, and wait for it to get
|
||||
--- scp.c.DIST Wed Jul 8 10:40:38 1998
|
||||
+++ scp.c Sun Nov 1 19:52:13 1998
|
||||
@@ -332,7 +332,7 @@
|
||||
char buf[1024];
|
||||
|
||||
va_start(ap, fmt);
|
||||
- vsprintf(buf, fmt, ap);
|
||||
+ vsnprintf(buf, sizeof(buf), fmt, ap);
|
||||
va_end(ap);
|
||||
fprintf(stderr, "%s\n", buf);
|
||||
exit(255);
|
||||
Loading…
Reference in New Issue
Block a user