Mercurial > dropbear
comparison svr-authpubkeyoptions.c @ 1599:e37f98ea4f24
fix leak in option handling
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Wed, 07 Mar 2018 22:14:36 +0800 |
| parents | 252b406d0e9a |
| children | 6a6a0bac52f4 |
comparison
equal
deleted
inserted
replaced
| 1598:252b406d0e9a | 1599:e37f98ea4f24 |
|---|---|
| 166 goto next_option; | 166 goto next_option; |
| 167 } | 167 } |
| 168 if (match_option(options_buf, "command=\"") == DROPBEAR_SUCCESS) { | 168 if (match_option(options_buf, "command=\"") == DROPBEAR_SUCCESS) { |
| 169 int escaped = 0; | 169 int escaped = 0; |
| 170 const unsigned char* command_start = buf_getptr(options_buf, 0); | 170 const unsigned char* command_start = buf_getptr(options_buf, 0); |
| 171 | |
| 172 if (ses.authstate.pubkey_options->forced_command) { | |
| 173 /* multiple command= options */ | |
| 174 goto bad_option; | |
| 175 } | |
| 176 | |
| 171 while (options_buf->pos < options_buf->len) { | 177 while (options_buf->pos < options_buf->len) { |
| 172 const char c = buf_getbyte(options_buf); | 178 const char c = buf_getbyte(options_buf); |
| 173 if (!escaped && c == '"') { | 179 if (!escaped && c == '"') { |
| 174 const int command_len = buf_getptr(options_buf, 0) - command_start; | 180 const int command_len = buf_getptr(options_buf, 0) - command_start; |
| 175 ses.authstate.pubkey_options->forced_command = m_malloc(command_len); | 181 ses.authstate.pubkey_options->forced_command = m_malloc(command_len); |