[src/netbsd-1-5]: src/crypto/dist/ssh Apply patch (requested by he):

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/098ddf2b5a40
branches:  netbsd-1-5
changeset: 493087:098ddf2b5a40
user:      he <he%NetBSD.org@localhost>
date:      Fri Apr 26 17:01:13 2002 +0000

description:
Apply patch (requested by he):
  Protect against buffer overruns when decoding KerberosIV credentials.
  Bump NetBSD part of version string.

diffstat:

 crypto/dist/ssh/radix.c   |  18 +++++++++---------
 crypto/dist/ssh/version.h |   4 ++--
 2 files changed, 11 insertions(+), 11 deletions(-)

diffs (60 lines):

diff -r b5074a38908d -r 098ddf2b5a40 crypto/dist/ssh/radix.c
--- a/crypto/dist/ssh/radix.c   Fri Apr 26 13:20:54 2002 +0000
+++ b/crypto/dist/ssh/radix.c   Fri Apr 26 17:01:13 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: radix.c,v 1.1.1.1.2.3 2001/12/11 00:00:25 he Exp $     */
+/*     $NetBSD: radix.c,v 1.1.1.1.2.4 2002/04/26 17:01:13 he Exp $     */
 /*
  * Copyright (c) 1999 Dug Song.  All rights reserved.
  *
@@ -75,15 +75,15 @@
        (cp) += 4; \
 }
 
-#define GETSTRING(s, p, p_l) {                 \
-    char *p_targ = (p) + p_l;          \
+#define GETSTRING(s, p, p_l, s_l) {            \
+    char *p_targ = (p) + (s_l < p_l ? s_l : p_l);\
     char *s_c = (s);                   \
     char *p_c = (p);                   \
     while (*p_c && (p_c < p_targ)) {           \
        *s_c++ = *p_c++;                        \
     }                                          \
     if (p_c == p_targ) {                       \
-       return 1;                               \
+       return 0;                               \
     }                                          \
     *s_c = *p_c++;                             \
     (p_l) = (p_l) - (p_c - (p));               \
@@ -167,12 +167,12 @@
        p++;
        len--;
 
-       GETSTRING(creds->service, p, len);
-       GETSTRING(creds->instance, p, len);
-       GETSTRING(creds->realm, p, len);
+       GETSTRING(creds->service, p, len, sizeof creds->service);
+       GETSTRING(creds->instance, p, len, sizeof creds->instance);
+       GETSTRING(creds->realm, p, len, sizeof creds->realm);
 
-       GETSTRING(creds->pname, p, len);
-       GETSTRING(creds->pinst, p, len);
+       GETSTRING(creds->pname, p, len, sizeof creds->pname);
+       GETSTRING(creds->pinst, p, len, sizeof creds->pinst);
        /* Ignore possibly different realm. */
        while (*p && len)
                p++, len--;
diff -r b5074a38908d -r 098ddf2b5a40 crypto/dist/ssh/version.h
--- a/crypto/dist/ssh/version.h Fri Apr 26 13:20:54 2002 +0000
+++ b/crypto/dist/ssh/version.h Fri Apr 26 17:01:13 2002 +0000
@@ -1,8 +1,8 @@
-/*     $NetBSD: version.h,v 1.1.1.1.2.7 2002/03/09 16:47:20 he Exp $   */
+/*     $NetBSD: version.h,v 1.1.1.1.2.8 2002/04/26 17:01:13 he Exp $   */
 /* $OpenBSD: version.h,v 1.27 2001/12/05 15:04:48 markus Exp $ */
 
 #define __OPENSSH_VERSION      "OpenSSH_3.0.2"
-#define __NETBSDSSH_VERSION    "NetBSD_Secure_Shell-20020307"
+#define __NETBSDSSH_VERSION    "NetBSD_Secure_Shell-20020426"
 
 /*
  * it is important to retain OpenSSH version identification part, it is