summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README2
-rw-r--r--debian/dropbear.init2
-rw-r--r--libtommath/makefile_include.mk2
-rw-r--r--packet.c48
-rw-r--r--svr-main.c2
-rw-r--r--sysoptions.h3
6 files changed, 24 insertions, 35 deletions
diff --git a/README b/README
index d197ec7..bdc99dc 100644
--- a/README
+++ b/README
@@ -8,6 +8,8 @@ which performs multiple tasks, to save disk space)
SMALL has some tips on creating small binaries.
+A mirror of the Dropbear website and tarballs is available at https://dropbear.nl/mirror/
+
Please contact me if you have any questions/bugs found/features/ideas/comments etc :)
There is also a mailing list http://lists.ucc.gu.uwa.edu.au/mailman/listinfo/dropbear
diff --git a/debian/dropbear.init b/debian/dropbear.init
index ef3ec3f..4efe6b5 100644
--- a/debian/dropbear.init
+++ b/debian/dropbear.init
@@ -25,7 +25,7 @@ set -e
cancel() { echo "$1" >&2; exit 0; };
test ! -r /etc/default/dropbear || . /etc/default/dropbear
test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable."
-test ! -x /usr/sbin/update-service || ! update-service --check dropbear ||
+test ! -x /usr/sbin/update-service || ! update-service --check dropbear || \
cancel 'The dropbear service is controlled through runit, use the sv(8) program'
test -z "$DROPBEAR_BANNER" || \
diff --git a/libtommath/makefile_include.mk b/libtommath/makefile_include.mk
index 711b630..f3ceb9c 100644
--- a/libtommath/makefile_include.mk
+++ b/libtommath/makefile_include.mk
@@ -104,7 +104,7 @@ LIBTOOLFLAGS += -no-undefined
endif
# add in the standard FLAGS
-LTM_CFLAGS += $(CFLAGS)
+LTM_CFLAGS := $(CFLAGS) $(LTM_CFLAGS)
LTM_LFLAGS += $(LFLAGS)
LTM_LDFLAGS += $(LDFLAGS)
LTM_LIBTOOLFLAGS += $(LIBTOOLFLAGS)
diff --git a/packet.c b/packet.c
index fc8fe02..1055588 100644
--- a/packet.c
+++ b/packet.c
@@ -430,44 +430,32 @@ static buffer* buf_decompress(const buffer* buf, unsigned int len) {
z_streamp zstream;
zstream = ses.keys->recv.zstream;
- ret = buf_new(len);
+ /* We use RECV_MAX_PAYLOAD_LEN+1 here to ensure that
+ we can detect an oversized payload after inflate() */
+ ret = buf_new(RECV_MAX_PAYLOAD_LEN+1);
zstream->avail_in = len;
zstream->next_in = buf_getptr(buf, len);
+ zstream->avail_out = ret->size;
+ zstream->next_out = ret->data;
- /* decompress the payload, incrementally resizing the output buffer */
- while (1) {
-
- zstream->avail_out = ret->size - ret->pos;
- zstream->next_out = buf_getwriteptr(ret, zstream->avail_out);
-
- result = inflate(zstream, Z_SYNC_FLUSH);
+ result = inflate(zstream, Z_SYNC_FLUSH);
+ if (result != Z_OK) {
+ dropbear_exit("zlib error");
+ }
- buf_setlen(ret, ret->size - zstream->avail_out);
- buf_setpos(ret, ret->len);
+ buf_setlen(ret, ret->size - zstream->avail_out);
- if (result != Z_BUF_ERROR && result != Z_OK) {
- dropbear_exit("zlib error");
- }
+ if (zstream->avail_in > 0 || ret->len > RECV_MAX_PAYLOAD_LEN) {
+ /* The remote side sent larger than a payload size
+ * of uncompressed data.
+ */
+ dropbear_exit("bad packet, oversized decompressed");
+ }
- if (zstream->avail_in == 0 &&
- (zstream->avail_out != 0 || result == Z_BUF_ERROR)) {
- /* we can only exit if avail_out hasn't all been used,
- * and there's no remaining input */
- return ret;
- }
+ /* Success. All input was consumed and avail_out > 0 */
+ return ret;
- if (zstream->avail_out == 0) {
- int new_size = 0;
- if (ret->size >= RECV_MAX_PAYLOAD_LEN) {
- /* Already been increased as large as it can go,
- * yet didn't finish up the decompression */
- dropbear_exit("bad packet, oversized decompressed");
- }
- new_size = MIN(RECV_MAX_PAYLOAD_LEN, ret->size + ZLIB_DECOMPRESS_INCR);
- ret = buf_resize(ret, new_size);
- }
- }
}
#endif
diff --git a/svr-main.c b/svr-main.c
index be69e39..9234361 100644
--- a/svr-main.c
+++ b/svr-main.c
@@ -330,7 +330,7 @@ static void main_noinetd(int argc, char ** argv, const char* multipath) {
m_free(remote_host);
m_free(remote_port);
-#ifndef DEBUG_NOFORK
+#if !DEBUG_NOFORK
if (setsid() < 0) {
dropbear_exit("setsid: %s", strerror(errno));
}
diff --git a/sysoptions.h b/sysoptions.h
index 18df6de..af931ff 100644
--- a/sysoptions.h
+++ b/sysoptions.h
@@ -68,7 +68,6 @@
#define MAX_TERM_LEN 200 /* max length of TERM name */
#define MAX_HOST_LEN 254 /* max hostname len for tcp fwding */
-#define MAX_IP_LEN 15 /* strlen("255.255.255.255") == 15 */
#define DROPBEAR_MAX_PORTS 10 /* max number of ports which can be specified,
ipv4 and ipv6 don't count twice */
@@ -85,7 +84,7 @@
/* success/failure defines */
#define DROPBEAR_SUCCESS 0
#define DROPBEAR_FAILURE -1
-
+
#define DROPBEAR_PASSWORD_ENV "DROPBEAR_PASSWORD"
#define DROPBEAR_NGROUP_MAX 1024
View Lorry Controller Status