Use the caller provided (copied) pwent struct in load_public_identity_files

instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@
author: beck <beck@openbsd.org> 2018-07-25 13:10:56 +0000
committer: beck <beck@openbsd.org> 2018-07-25 13:10:56 +0000
commit: a2cd80040464220feed141336653bbde9593859f (patch)
tree: 4acdffea5eb41e26036045008a3c2c186076dce6 /usr.bin/ssh/ssh.c
parent: document -e (diff)
download: wireguard-openbsd-a2cd80040464220feed141336653bbde9593859f.tar.xz
wireguard-openbsd-a2cd80040464220feed141336653bbde9593859f.zip
1 files changed, 1 insertions, 3 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index ac66a8eaddc..96a68b44375 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.488 2018/07/19 10:28:47 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.489 2018/07/25 13:10:56 beck Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1979,8 +1979,6 @@ load_public_identity_files(struct passwd *pw)
 		free(keys);
 	}
 #endif /* ENABLE_PKCS11 */
-	if ((pw = getpwuid(original_real_uid)) == NULL)
-		fatal("load_public_identity_files: getpwuid failed");
 	for (i = 0; i < options.num_identity_files; i++) {
 		if (n_ids >= SSH_MAX_IDENTITY_FILES ||
 		    strcasecmp(options.identity_files[i], "none") == 0) {
author	beck <beck@openbsd.org>	2018-07-25 13:10:56 +0000
committer	beck <beck@openbsd.org>	2018-07-25 13:10:56 +0000
commit	a2cd80040464220feed141336653bbde9593859f (patch)
tree	4acdffea5eb41e26036045008a3c2c186076dce6 /usr.bin/ssh/ssh.c
parent	document -e (diff)
download	wireguard-openbsd-a2cd80040464220feed141336653bbde9593859f.tar.xz wireguard-openbsd-a2cd80040464220feed141336653bbde9593859f.zip