- OpenBSD CVS Sync

- djm@cvs.openbsd.org 2006/06/14 10:50:42 [sshconnect.c] limit the number of pre-banner characters we will accept; ok markus@
author: Damien Miller <djm@mindrot.org> 2006-07-10 20:15:56 +1000
committer: Damien Miller <djm@mindrot.org> 2006-07-10 20:15:56 +1000
commit: 1e88ea655634749a847c9426a08b635f6198f085 (patch)
tree: a33173d408a9b1cdd7c524a342a6286f61ea9fd2 /sshconnect.c
parent: e34c96aea139680ffe8101b6527e45420811e0c0 (diff)
download: openssh-git-1e88ea655634749a847c9426a08b635f6198f085.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/sshconnect.c b/sshconnect.c
index c7657266..e26efa4d 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.184 2006/06/08 14:45:49 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.185 2006/06/14 10:50:42 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -385,10 +385,10 @@ ssh_exchange_identification(void)
 	int connection_in = packet_get_connection_in();
 	int connection_out = packet_get_connection_out();
 	int minor1 = PROTOCOL_MINOR_1;
-	u_int i;
+	u_int i, n;
 
 	/* Read other side's version identification. */
-	for (;;) {
+	for (n = 0;;) {
 		for (i = 0; i < sizeof(buf) - 1; i++) {
 			size_t len = atomicio(read, connection_in, &buf[i], 1);
 
@@ -405,6 +405,8 @@ ssh_exchange_identification(void)
 				buf[i + 1] = 0;
 				break;
 			}
+			if (++n > 65536)
+				fatal("ssh_exchange_identification: No banner received");
 		}
 		buf[sizeof(buf) - 1] = 0;
 		if (strncmp(buf, "SSH-", 4) == 0)
author	Damien Miller <djm@mindrot.org>	2006-07-10 20:15:56 +1000
committer	Damien Miller <djm@mindrot.org>	2006-07-10 20:15:56 +1000
commit	1e88ea655634749a847c9426a08b635f6198f085 (patch)
tree	a33173d408a9b1cdd7c524a342a6286f61ea9fd2 /sshconnect.c
parent	e34c96aea139680ffe8101b6527e45420811e0c0 (diff)
download	openssh-git-1e88ea655634749a847c9426a08b635f6198f085.tar.gz