From 8ead62ed5e86c7df597d8604f332f49cd1527b85 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Tue, 28 Feb 2023 21:31:50 +0000
Subject: upstream: fatal out if allocating banner string fails to avoid

potential null deref later in sscanf.  Spotted by Coverity, ok deraadt@

OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
---
 kex.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'kex.c')

diff --git a/kex.c b/kex.c
index 7731ca90..fce848fd 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.174 2023/02/17 04:22:50 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.175 2023/02/28 21:31:50 dtucker Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -1345,7 +1345,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 	}
 	peer_version_string = sshbuf_dup_string(peer_version);
 	if (peer_version_string == NULL)
-		error_f("sshbuf_dup_string failed");
+		fatal_f("sshbuf_dup_string failed");
 	/* XXX must be same size for sscanf */
 	if ((remote_version = calloc(1, sshbuf_len(peer_version))) == NULL) {
 		error_f("calloc failed");
-- 
cgit v1.2.1