upstream: avoid validating bad cipher or mac lists in config files

/ commandline arguments as valid.

Identified by SUSE and reported by Camila Camargo de Matos

ok deraadt@ tb@

OpenBSD-Commit-ID: 45d51154f2418549e08b80fa33df6c6532046054
djm@openbsd.org
2026-05-13 05:58:58 +00:00
committed by Damien Miller
parent cf6c0b3b94
commit 33392024f4
2 changed files with 10 additions and 6 deletions


@@ -1,4 +1,4 @@
/* $OpenBSD: cipher.c,v 1.126 2026/02/14 00:18:34 jsg Exp $ */
/* $OpenBSD: cipher.c,v 1.127 2026/05/13 05:58:58 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -206,6 +206,7 @@ ciphers_valid(const char *names)
const struct sshcipher *c;
char *cipher_list, *cp;
char *p;
int found = 0;
if (names == NULL || strcmp(names, "") == 0)
return 0;
@@ -217,10 +218,11 @@ ciphers_valid(const char *names)
if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) {
free(cipher_list);
return 0;
}
} else
found = 1;
}
free(cipher_list);
return 1;
return found;
}
const char *
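Review bot: In the last hunk of ciphers_valid(), `found` becomes 1 as soon as a single name passes, so the result is only trustworthy if the loop visits every element of the list; the loop header is outside the hunk, so this is inferred rather than visible. If the loop ends at the first empty token (which would explain how a non-empty `names` could previously reach `return 1` without any lookup), a list with an empty element in the middle would be accepted after its first name and the names after the gap would never be checked. I would reject an empty token inside the loop instead of letting it end the scan, e.g. `if (*p == '\0' || c == NULL || (c->flags & CFLAG_INTERNAL) != 0) {`, with the loop condition reduced to `p != NULL`, and add regression cases for a separator-only list and a list with an empty element. The same pattern appears in mac_valid() in mac.c.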

8
mac.c

@@ -1,4 +1,4 @@
/* $OpenBSD: mac.c,v 1.38 2026/03/03 09:57:25 dtucker Exp $ */
/* $OpenBSD: mac.c,v 1.39 2026/05/13 05:58:58 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@@ -236,6 +236,7 @@ int
mac_valid(const char *names)
{
char *maclist, *cp, *p;
int found = 0;
if (names == NULL || strcmp(names, "") == 0)
return 0;
@@ -246,8 +247,9 @@ mac_valid(const char *names)
if (mac_setup(NULL, p) < 0) {
free(maclist);
return 0;
}
} else
found = 1;
}
free(maclist);
return 1;
return found;
}
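Review bot: mac_valid() changes its return contract here, but the signature shown in the second hunk carries no comment saying what 0 and 1 mean. I would add `/* Returns 1 if names holds at least one MAC and mac_setup() accepts every one; 0 for an empty list or any rejected name. */` above `int`, so callers that parse config files or command-line options know that 0 now also covers a list with no usable entries. A small style point in the last hunk: the `else` follows a branch that always returns, so `found = 1;` could stand as a plain statement after the closing brace.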