diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2004-05-13 16:39:33 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2004-05-13 16:39:33 +1000 |
| commit | 1f8311c836a20ce4923e2142d206f8d8073d0ca4 (patch) | |
| tree | 93c92ccf9709d18faa075fb2b3c5fda4d969b28a /authfile.c | |
| parent | b42714e28bcb22c5b52b0266813165cf5e7e9ccb (diff) | |
| download | openssh-git-1f8311c836a20ce4923e2142d206f8d8073d0ca4.tar.gz | |
- deraadt@cvs.openbsd.org 2004/05/11 19:01:43
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
improve some code lint did not like; djm millert ok
Diffstat (limited to 'authfile.c')
| -rw-r--r-- | authfile.c | 16 |
1 files changed, 11 insertions, 5 deletions
@@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.55 2003/09/18 07:56:05 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.56 2004/05/11 19:01:43 deraadt Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -236,14 +236,16 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) struct stat st; char *cp; int i; - off_t len; + size_t len; if (fstat(fd, &st) < 0) { error("fstat for key file %.200s failed: %.100s", filename, strerror(errno)); return NULL; } - len = st.st_size; + if (st.st_size > 1*1024*1024) + close(fd); + len = (size_t)st.st_size; /* truncated */ buffer_init(&buffer); cp = buffer_append_space(&buffer, len); @@ -318,7 +320,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { int i, check1, check2, cipher_type; - off_t len; + size_t len; Buffer buffer, decrypted; u_char *cp; CipherContext ciphercontext; @@ -332,7 +334,11 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, close(fd); return NULL; } - len = st.st_size; + if (st.st_size > 1*1024*1024) { + close(fd); + return (NULL); + } + len = (size_t)st.st_size; /* truncated */ buffer_init(&buffer); cp = buffer_append_space(&buffer, len); |