On 02.01.2016 22:12, Roland Hieber wrote: > Since this is my first patch to OpenSSH, I'm very open for feedback :-) ...he wrote without attaching the patch... Sorry. - Roland
commit 5c7d3d92937cbb65c33bd510aac1269b8a4903b6
Author: Roland Hieber <rohieb@xxxxxxxxxxx>
Date: Sat Jan 2 17:53:14 2016 +0100
ssh-keygen: sanitize ANSI escape sequences in key comment
diff --git a/ssh-keygen.c b/ssh-keygen.c
index c3ec4f8..9eeb10c 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -836,6 +836,7 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
char *fp = NULL, *ra = NULL;
enum sshkey_fp_rep rep;
int fptype;
+ char * pc = NULL;
fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
@@ -843,6 +844,11 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART);
if (fp == NULL || ra == NULL)
fatal("%s: sshkey_fingerprint failed", __func__);
+
+ while ((pc = strchr(comment, '\x1b'))) {
+ *pc = '.';
+ }
+
printf("%u %s %s (%s)\n", sshkey_size(public), fp,
comment ? comment : "no comment", sshkey_type(public));
if (log_level >= SYSLOG_LEVEL_VERBOSE)
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
