diff options
| author | Andreas Schneider <asn@cryptomilk.org> | 2011-01-24 17:06:50 +0100 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2011-01-24 17:13:35 +0100 |
| commit | 1e827a8e818cf800d5574a2c2cbd97dfae243638 (patch) | |
| tree | b5fea33e80d39458d93806df2002aac71252e478 | |
| parent | 20e637968afc897af78ca57cc1065c26ceccc38a (diff) | |
| download | libssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.tar.gz libssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.tar.xz libssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.zip | |
getpass: Fixed possible segfault if len is too small.
| -rw-r--r-- | src/getpass.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/getpass.c b/src/getpass.c index f0b8283..14e5933 100644 --- a/src/getpass.c +++ b/src/getpass.c @@ -123,6 +123,11 @@ int ssh_getpass(const char *prompt, DWORD mode = 0; int ok; + /* fgets needs at least len - 1 */ + if (prompt == NULL || buf == NULL || len < 2) { + return -1; + } + /* get stdin and mode */ h = GetStdHandle(STD_INPUT_HANDLE); if (!GetConsoleMode(h, &mode)) { @@ -207,6 +212,11 @@ int ssh_getpass(const char *prompt, int ok = 0; int fd = -1; + /* fgets needs at least len - 1 */ + if (prompt == NULL || buf == NULL || len < 2) { + return -1; + } + ZERO_STRUCT(attr); ZERO_STRUCT(old_attr); |