Re: ssh-keygen: sanitize ANSI escape sequences in key comment

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 02.01.2016 22:12, Roland Hieber wrote:
> Since this is my first patch to OpenSSH, I'm very open for feedback :-)

...he wrote without attaching the patch...

Sorry.

 - Roland
commit 5c7d3d92937cbb65c33bd510aac1269b8a4903b6
Author: Roland Hieber <rohieb@xxxxxxxxxxx>
Date:   Sat Jan 2 17:53:14 2016 +0100

    ssh-keygen: sanitize ANSI escape sequences in key comment

diff --git a/ssh-keygen.c b/ssh-keygen.c
index c3ec4f8..9eeb10c 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -836,6 +836,7 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
 	char *fp = NULL, *ra = NULL;
 	enum sshkey_fp_rep rep;
 	int fptype;
+	char * pc = NULL;
 
 	fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
 	rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
@@ -843,6 +844,11 @@ fingerprint_one_key(const struct sshkey *public, const char *comment)
 	ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART);
 	if (fp == NULL || ra == NULL)
 		fatal("%s: sshkey_fingerprint failed", __func__);
+
+	while ((pc = strchr(comment, '\x1b'))) {
+		*pc = '.';
+	}
+
 	printf("%u %s %s (%s)\n", sshkey_size(public), fp,
 	    comment ? comment : "no comment", sshkey_type(public));
 	if (log_level >= SYSLOG_LEVEL_VERBOSE)

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux