From 1a31d02b2411c4718de58ce796dbb7b5e14db93e Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Mon, 2 May 2016 08:49:03 +0000
Subject: upstream commit

fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
---
 auth2-chall.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'auth2-chall.c')

diff --git a/auth2-chall.c b/auth2-chall.c
index 4aff09d8..ead48031 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.44 2016/05/02 08:49:03 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -122,8 +122,8 @@ kbdint_alloc(const char *devs)
 			buffer_append(&b, devices[i]->name,
 			    strlen(devices[i]->name));
 		}
-		buffer_append(&b, "\0", 1);
-		kbdintctxt->devices = xstrdup(buffer_ptr(&b));
+		if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL)
+			fatal("%s: sshbuf_dup_string failed", __func__);
 		buffer_free(&b);
 	} else {
 		kbdintctxt->devices = xstrdup(devs);
-- 
cgit v1.2.1