[PATCH] Fixes null pointer dereference in do_setup_env().

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

There is a wrong usage of strchr() in openssh. strchr() shall return a
null pointer if the char was not found. Check whether return value is
NULL instead of dereferencing it.

Signed-off-by: Jubin Zhong <zhongjubin@xxxxxxxxxx>
---
 session.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/session.c b/session.c
index b25cbca..9e9d5fe 100644
--- a/session.c
+++ b/session.c
@@ -1105,7 +1105,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
 		for (n = 0 ; n < auth_opts->nenv; n++) {
 			ocp = xstrdup(auth_opts->env[n]);
 			cp = strchr(ocp, '=');
-			if (*cp == '=') {
+			if (cp != NULL) {
 				*cp = '\0';
 				/* Apply PermitUserEnvironment allowlist */
 				if (options.permit_user_env_allowlist == NULL ||
-- 
1.8.5.6

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux