Fixed a possible out-of-bounds memory access if the environment variable

SHELL is shorter than 3 characters. with input by and ok dtucker
author: tobias <tobias@openbsd.org> 2009-03-23 08:31:19 +0000
committer: tobias <tobias@openbsd.org> 2009-03-23 08:31:19 +0000
commit: 56d6b87648144a1c0c07b64cc09454ea2995a33e (patch)
tree: 52245b300c1b49ff2d6129c842a85f3b6de412e5 /usr.bin/ssh/ssh-agent.c
parent: Fixed a leaking of a fd each time a file is delivered to a mbox, which (diff)
download: wireguard-openbsd-56d6b87648144a1c0c07b64cc09454ea2995a33e.tar.xz
wireguard-openbsd-56d6b87648144a1c0c07b64cc09454ea2995a33e.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 0d2abe222e7..36c475f79cf 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.159 2008/06/28 14:05:15 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.160 2009/03/23 08:31:19 tobias Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1094,7 +1094,7 @@ main(int ac, char **av)
 	if (ac == 0 && !c_flag && !s_flag) {
 		shell = getenv("SHELL");
 		if (shell != NULL &&
-		    strncmp(shell + strlen(shell) - 3, "csh", 3) == 0)
+		    strncmp(shell + MAX(strlen(shell) - 3, 0), "csh", 3) == 0)
 			c_flag = 1;
 	}
 	if (k_flag) {
author	tobias <tobias@openbsd.org>	2009-03-23 08:31:19 +0000
committer	tobias <tobias@openbsd.org>	2009-03-23 08:31:19 +0000
commit	56d6b87648144a1c0c07b64cc09454ea2995a33e (patch)
tree	52245b300c1b49ff2d6129c842a85f3b6de412e5 /usr.bin/ssh/ssh-agent.c
parent	Fixed a leaking of a fd each time a file is delivered to a mbox, which (diff)
download	wireguard-openbsd-56d6b87648144a1c0c07b64cc09454ea2995a33e.tar.xz wireguard-openbsd-56d6b87648144a1c0c07b64cc09454ea2995a33e.zip