search for: newlen

...========== RCS file: /cvs/src/usr.bin/ssh/buffer.c,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- buffer.c 26 Jun 2002 08:54:18 -0000 1.16 +++ buffer.c 16 Sep 2003 03:03:47 -0000 1.17 @@ -69,6 +69,7 @@ void * buffer_append_space(Buffer *buffer, u_int len) { + u_int newlen; void *p; if (len > 0x100000) @@ -98,11 +99,13 @@ goto restart; } /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - if (buffer->alloc > 0xa00000) + + newlen = buffer->alloc + len + 32768; + if (newlen > 0xa00000) fatal("buffer...

...========== RCS file: /cvs/src/usr.bin/ssh/buffer.c,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- buffer.c 26 Jun 2002 08:54:18 -0000 1.16 +++ buffer.c 16 Sep 2003 03:03:47 -0000 1.17 @@ -69,6 +69,7 @@ void * buffer_append_space(Buffer *buffer, u_int len) { + u_int newlen; void *p; if (len > 0x100000) @@ -98,11 +99,13 @@ goto restart; } /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - if (buffer->alloc > 0xa00000) + + newlen = buffer->alloc + len + 32768; + if (newlen > 0xa00000) fatal("buffer...

...loc.c b/usr/dash/memalloc.c index 9d1de74a..60637da1 100644 --- a/usr/dash/memalloc.c +++ b/usr/dash/memalloc.c @@ -201,16 +201,16 @@ popstackmark(struct stackmark *mark) * part of the block that has been used. */ -void -growstackblock(void) +static void growstackblock(size_t min) { size_t newlen; newlen = stacknleft * 2; if (newlen < stacknleft) sh_error("Out of space"); - if (newlen < 128) - newlen += 128; + min = SHELL_ALIGN(min | 128); + if (newlen < min) + newlen += min; if (stacknxt == stackp->space && stackp != &stackbase) { struct...

...max at stro.at> --- usr/dash/memalloc.c | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) diff --git a/usr/dash/memalloc.c b/usr/dash/memalloc.c index e75e609..9fea067 100644 --- a/usr/dash/memalloc.c +++ b/usr/dash/memalloc.c @@ -206,20 +206,18 @@ growstackblock(void) { size_t newlen; - newlen = stacknleft * 2; + newlen = stacknleft * 2; if (newlen < stacknleft) sh_error("Out of space"); if (newlen < 128) newlen += 128; if (stacknxt == stackp->space && stackp != &stackbase) { - struct stack_block *oldstackp; struct stack_block...

Has anyone around here heard of this ? ---Mike >Subject: Re: [Full-Disclosure] new ssh exploit? >From: christopher neitzert <chris@neitzert.com> >Reply-To: chris@neitzert.com >To: full-disclosure@lists.netsys.com >X-Mailer: Ximian Evolution 1.4.3.99 >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere: full-disclosure@lists.netsys.com

...new_value) +{ + buffer->unlimited = new_value; +} + /* Initializes the buffer structure. */ void @@ -30,6 +36,7 @@ buffer->alloc = len; buffer->offset = 0; buffer->end = 0; + buffer->unlimited = 0; } /* Frees any memory used for the buffer. */ @@ -78,7 +85,8 @@ u_int newlen; void *p; - if (len > 0x100000) + if ((buffer->unlimited && len > MAXBUFSZ) || + (!buffer->unlimited && len > 0x100000)) fatal("buffer_append_space: len %u not supported", len); /* If the buffer is empty, start using it from the beginning. */...

...free(Buffer *buffer) { - memset(buffer->buf, 0, buffer->alloc); - xfree(buffer->buf); + if (buffer->alloc > 0) { + memset(buffer->buf, 0, buffer->alloc); + xfree(buffer->buf); + } } /* @@ -69,6 +74,7 @@ void * buffer_append_space(Buffer *buffer, u_int len) { + u_int newlen; void *p; if (len > 0x100000) @@ -98,11 +104,13 @@ goto restart; } /* Increase the size of the buffer and retry. */ - buffer->alloc += len + 32768; - if (buffer->alloc > 0xa00000) + + newlen = buffer->alloc + len + 32768; + if (newlen > 0xa00000) fatal("buffer...

...new_value) +{ + buffer->unlimited = new_value; +} + /* Initializes the buffer structure. */ void @@ -30,6 +38,7 @@ buffer->alloc = len; buffer->offset = 0; buffer->end = 0; + buffer->unlimited = 0; } /* Frees any memory used for the buffer. */ @@ -78,7 +87,7 @@ u_int newlen; void *p; - if (len > 0x100000) + if (!buffer->unlimited && len > 0x100000) fatal("buffer_append_space: len %u not supported", len); /* If the buffer is empty, start using it from the beginning. */ @@ -107,7 +116,7 @@ /* Increase the size of the buffer and re...

...on 1.1.1.1.2.3 diff -c -c -r1.1.1.1.2.3 buffer.c *** crypto/openssh/buffer.c 28 Sep 2001 01:33:33 -0000 1.1.1.1.2.3 --- crypto/openssh/buffer.c 16 Sep 2003 13:19:26 -0000 *************** *** 69,74 **** --- 69,76 ---- void buffer_append_space(Buffer *buffer, char **datap, u_int len) { + u_int newlen; + /* If the buffer is empty, start using it from the beginning. */ if (buffer->offset == buffer->end) { buffer->offset = 0; *************** *** 93,100 **** goto restart; } /* Increase the size of the buffer and retry. */ ! buffer->alloc += len + 32768; ! buffer-&...

...dash/memalloc.c @@ -265,6 +265,14 @@ growstackstr(void) return stackblock() + len; } +char *growstackto(size_t len) +{ + while (stackblocksize() < len) + growstackblock(); + + return stackblock(); +} + /* * Called from CHECKSTRSPACE. */ @@ -273,18 +281,8 @@ char * makestrspace(size_t newlen, char *p) { size_t len = p - stacknxt; - size_t size; - for (;;) { - size_t nleft; - - size = stackblocksize(); - nleft = size - len; - if (nleft >= newlen) - break; - growstackblock(); - } - return stackblock() + len; + return growstackto(len + newlen) + len; } char * diff --git...

...<gthelen at google.com> --- usr/dash/memalloc.c | 2 -- 1 files changed, 0 insertions(+), 2 deletions(-) diff --git a/usr/dash/memalloc.c b/usr/dash/memalloc.c index e75e609..406d0c8 100644 --- a/usr/dash/memalloc.c +++ b/usr/dash/memalloc.c @@ -213,13 +213,11 @@ growstackblock(void) newlen += 128; if (stacknxt == stackp->space && stackp != &stackbase) { - struct stack_block *oldstackp; struct stack_block *sp; struct stack_block *prevstackp; size_t grosslen; INTOFF; - oldstackp = stackp; sp = stackp; prevstackp = sp->prev; grosslen = newl...

This patch series allows user-specified mount commands to be sent in via kernel command line ("kinit_mount=...") or via an embedded /etc/fstab file. The first patch is a cleanup of a patch sent last November by San Mehat (http://web.archiveorange.com/archive/v/EazJNBMORV2U7E0coh5h); the next two are small improvements or bug fixes.

...xe766eba4) at /usr/src/sys/net/if_mib.c:127 #8 0xc059fd77 in sysctl_root (oidp=Variable "oidp" is not available. ) at /usr/src/sys/kern/kern_sysctl.c:1413 #9 0xc059ff14 in userland_sysctl (td=0xc5374460, name=0xe766ec14, namelen=6, old=0x0, oldlenp=0xbfbf8478, inkernel=0, new=0x0, newlen=0, retval=0xe766ec10, flags=0) at /usr/src/sys/kern/kern_sysctl.c:1506 #10 0xc05a0064 in __sysctl (td=0xc5374460, uap=0xe766ecfc) at /usr/src/sys/kern/kern_sysctl.c:1443 #11 0xc07f6a85 in syscall (frame=0xe766ed38) at /usr/src/sys/i386/i386/trap.c:1090 #12 0xc07db850 in Xint0x80_syscall () at /u...

...ent occurs. During my research i found out that this happens when >> the line: >> >> AT ONBATT * START-TIMER shutdown 30 >> >> is parsed. It crashed then in add_arg_word at the following line: >> >> ctx->arglist[argpos] = realloc(ctx->arglist[argpos], newlen); >> >> I looked at the code (and did a diff to the previous stable code) but did >> not find anything. I'm at the end of my knowledge now, so i want to ask you >> if you did have any idea? >> >> Regards >> Volker Theile >> >> The output of...

...Keywords: patch Severity: normal Priority: P2 Component: sftp AssignedTo: bitbucket at mindrot.org ReportedBy: thuejk at gmail.com I had a problem with the sshfs connection dying all the time. I have tracked the problem down to the check if (newlen > BUFFER_MAX_LEN) fatal("buffer_append_space: alloc %u not supported", newlen); in buffer.c:buffer_append_check() The problem is that when sending a file data, sshfs will just keep sending without waiting for the server to catch up. This does not ne...

...tems <max at stro.at> --- usr/dash/memalloc.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/usr/dash/memalloc.c b/usr/dash/memalloc.c index 9fea067..d8e4413 100644 --- a/usr/dash/memalloc.c +++ b/usr/dash/memalloc.c @@ -273,7 +273,7 @@ char * makestrspace(size_t newlen, char *p) { size_t len = p - stacknxt; - size_t size = stackblocksize(); + size_t size; for (;;) { size_t nleft;

...;)) == + if ((cx = strchr(oldctx, ':')) == NULL || (cx = strchr(cx + 1, ':')) == NULL) { logit ("%s: unparseable context %s", __func__, oldctx); return; @@ -210,7 +210,7 @@ len = cx - oldctx + 1; memcpy(newctx, oldctx, len); strlcpy(newctx + len, newname, newlen - len); - if ((cx = index(cx + 1, ':'))) + if ((cx = strchr(cx + 1, ':'))) strlcat(newctx, cx, newlen); debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, newctx); -------------- next part -------------- --- auth2-jpake.c.orig 2012...

Inspired by libvirt's virCommand* internal mini-library, this adds some internal APIs for running commands. The first patch contains the new APIs. The subsequent patches change various parts of the library over to use it. Rich.

...NULL || (cx = strchr(cx + 1, ':')) == NULL) { logit ("%s: unparseable context %s", __func__, oldctx); return; @@ -210,7 +210,7 @@ len = cx - oldctx + 1; memcpy(newctx, oldctx, len); strlcpy(newctx + len, newname, newlen - len); - if ((cx = index(cx + 1, ':'))) + if ((cx = strchr(cx + 1, ':'))) strlcat(newctx, cx, newlen); debug3("%s: setting context from '%s' to '%s'", __func__, oldctx, newctx); A configure with the following...

https://bugzilla.mindrot.org/show_bug.cgi?id=1637 Summary: Change the context when starting internal-sftp Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org