From 1e827a8e818cf800d5574a2c2cbd97dfae243638 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Mon, 24 Jan 2011 17:06:50 +0100
Subject: getpass: Fixed possible segfault if len is too small.

---
 src/getpass.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/getpass.c b/src/getpass.c
index f0b82837..14e5933a 100644
--- a/src/getpass.c
+++ b/src/getpass.c
@@ -123,6 +123,11 @@ int ssh_getpass(const char *prompt,
     DWORD mode = 0;
     int ok;
 
+    /* fgets needs at least len - 1 */
+    if (prompt == NULL || buf == NULL || len < 2) {
+        return -1;
+    }
+
     /* get stdin and mode */
     h = GetStdHandle(STD_INPUT_HANDLE);
     if (!GetConsoleMode(h, &mode)) {
@@ -207,6 +212,11 @@ int ssh_getpass(const char *prompt,
     int ok = 0;
     int fd = -1;
 
+    /* fgets needs at least len - 1 */
+    if (prompt == NULL || buf == NULL || len < 2) {
+        return -1;
+    }
+
     ZERO_STRUCT(attr);
     ZERO_STRUCT(old_attr);
 
-- 
cgit