upstream: use asprintf to construct .rhosts paths

OpenBSD-Commit-ID: 8286e8d3d2c6ff916ff13d041d1713073f738a8b

1 files changed, 23 insertions, 13 deletions

diff --git a/auth-rhosts.c b/auth-rhosts.c
index c055b14f..cac5cd84 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rhosts.c,v 1.54 2022/02/01 23:32:51 djm Exp $ */
+/* $OpenBSD: auth-rhosts.c,v 1.55 2022/02/23 11:15:57 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,6 +34,7 @@
 #include "pathnames.h"
 #include "log.h"
 #include "misc.h"
+#include "xmalloc.h"
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "servconf.h"
@@ -189,12 +190,13 @@ int
 auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
     const char *ipaddr)
 {
-	char buf[1024];
+	char *path = NULL;
 	struct stat st;
 	static const char * const rhosts_files[] = {".shosts", ".rhosts", NULL};
 	u_int rhosts_file_index;
+	int r;
 
-	debug2("auth_rhosts2: clientuser %s hostname %s ipaddr %s",
+	debug2_f("clientuser %s hostname %s ipaddr %s",
 	    client_user, hostname, ipaddr);
 
 	/* Switch to the user's uid. */
@@ -208,9 +210,11 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 	for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
 	    rhosts_file_index++) {
 		/* Check users .rhosts or .shosts. */
-		snprintf(buf, sizeof buf, "%.500s/%.100s",
-			 pw->pw_dir, rhosts_files[rhosts_file_index]);
-		if (stat(buf, &st) >= 0)
+		xasprintf(&path, "%s/%s",
+		    pw->pw_dir, rhosts_files[rhosts_file_index]);
+		r = stat(path, &st);
+		free(path);
+		if (r >= 0)
 			break;
 	}
 	/* Switch back to privileged uid. */
@@ -275,10 +279,12 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 	for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
 	    rhosts_file_index++) {
 		/* Check users .rhosts or .shosts. */
-		snprintf(buf, sizeof buf, "%.500s/%.100s",
-			 pw->pw_dir, rhosts_files[rhosts_file_index]);
-		if (stat(buf, &st) == -1)
+		xasprintf(&path, "%s/%s",
+		    pw->pw_dir, rhosts_files[rhosts_file_index]);
+		if (stat(path, &st) == -1) {
+			free(path);
 			continue;
+		}
 
 		/*
 		 * Make sure that the file is either owned by the user or by
@@ -289,9 +295,10 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 		if (options.strict_modes &&
 		    ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 		    (st.st_mode & 022) != 0)) {
-			logit("Rhosts authentication refused for %.100s: bad modes for %.200s",
-			    pw->pw_name, buf);
-			auth_debug_add("Bad file modes for %.200s", buf);
+			logit("Rhosts authentication refused for %.100s: "
+			    "bad modes for %.200s", pw->pw_name, path);
+			auth_debug_add("Bad file modes for %.200s", path);
+			free(path);
 			continue;
 		}
 		/*
@@ -303,10 +310,11 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 		    strcmp(rhosts_files[rhosts_file_index], ".shosts") != 0)) {
 			auth_debug_add("Server has been configured to "
 			    "ignore %.100s.", rhosts_files[rhosts_file_index]);
+			free(path);
 			continue;
 		}
 		/* Check if authentication is permitted by the file. */
-		if (check_rhosts_file(buf, hostname, ipaddr,
+		if (check_rhosts_file(path, hostname, ipaddr,
 		    client_user, pw->pw_name)) {
 			auth_debug_add("Accepted by %.100s.",
 			    rhosts_files[rhosts_file_index]);
@@ -315,8 +323,10 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
 			auth_debug_add("Accepted host %s ip %s client_user "
 			    "%s server_user %s", hostname, ipaddr,
 			    client_user, pw->pw_name);
+			free(path);
 			return 1;
 		}
+		free(path);
 	}
 
 	/* Restore the privileged uid. */