authordjm@openbsd.org <djm@openbsd.org>2023-07-14 07:31:44 +0200
committerDamien Miller <djm@mindrot.org>2023-07-14 07:33:30 +0200
commit2ee48adb9fc8692e8d6ac679dcc9f35e89ad68f0 (patch)
treed9c74c34a47cfe9db052fcc56b6274279df427b0 /auth-options.c
parentupstream: misplaced debug message (diff)
upstream: add defence-in-depth checks for some unreachable integer
overflows reported by Yair Mizrahi @ JFrog; feedback/ok millert@

OpenBSD-Commit-ID: 52af085f4e7ef9f9d8423d8c1840a6a88bda90bd
Diffstat (limited to 'auth-options.c')
-rw-r--r--auth-options.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/auth-options.c b/auth-options.c
index 88e9eb1c1..e1ced2055 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.99 2023/03/29 00:18:35 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.100 2023/07/14 05:31:44 djm Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm@mindrot.org>
*
@@ -48,10 +48,11 @@ dup_strings(char ***dstp, size_t *ndstp, char **src, size_t nsrc)
*dstp = NULL;
*ndstp = 0;
+
if (nsrc == 0)
return 0;
-
- if ((dst = calloc(nsrc, sizeof(*src))) == NULL)
+ if (nsrc >= SIZE_MAX / sizeof(*src) ||
+ (dst = calloc(nsrc, sizeof(*src))) == NULL)
return -1;
for (i = 0; i < nsrc; i++) {
if ((dst[i] = strdup(src[i])) == NULL) {
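Review bot: The new `nsrc >= SIZE_MAX / sizeof(*src)` guard in dup_strings() has no comment marking it as deliberate defence in depth. Because a conforming calloc() is expected to reject an overflowing `nsrc * size` on its own, a later cleanup could drop the guard as redundant. I would put `/* defence in depth: reject counts that could overflow nsrc * sizeof(*dst), independent of calloc()'s own check */` directly above the condition. As a style point, sizing by the allocated object, `sizeof(*dst)`, in both the guard and the calloc() call would keep the bound tied to what is actually allocated if the two pointer types ever diverge. The guard also returns the same -1 as an allocation failure, so callers cannot tell the two cases apart, which looks intentional given the existing interface. dup_strings() begins and ends outside this hunk, so the cleanup path after a failed strdup() is not visible here.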