diff options
author | Damien Miller <djm@mindrot.org> | 2006-03-31 23:09:41 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2006-03-31 23:09:41 +1100 |
commit | 5a73c1a34d7ed75295da703c835464746474d297 (patch) | |
tree | 8245892a38475070feb4880f1d87d661ffb9ee7c /dh.c | |
parent | da380becc6d9cc00c7e4c892354d93cd1fc12431 (diff) | |
download | openssh-git-5a73c1a34d7ed75295da703c835464746474d297.tar.gz |
- deraadt@cvs.openbsd.org 2006/03/27 13:03:54
[dh.c]
use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
Diffstat (limited to 'dh.c')
-rw-r--r-- | dh.c | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.34 2006/03/25 13:17:01 djm Exp $ */ +/* $OpenBSD: dh.c,v 1.35 2006/03/27 13:03:54 deraadt Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -44,6 +44,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) { char *cp, *arg; char *strsize, *gen, *prime; + const char *errstr = NULL; cp = line; if ((arg = strdelim(&cp)) == NULL) @@ -68,7 +69,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) goto fail; strsize = strsep(&cp, " "); /* size */ if (cp == NULL || *strsize == '\0' || - (dhg->size = atoi(strsize)) == 0) + (dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 || + errstr) goto fail; /* The whole group is one bit larger */ dhg->size++; |