changeset 1411:798854f62430 fuzz

merge from main
author Matt Johnston <matt@ucc.asn.au>
date Wed, 14 Jun 2017 23:31:42 +0800
parents 27e65d3aed5f (current diff) 771e4a7051e0 (diff)
children 79582b52a791
files common-kex.c configure.ac dbrandom.c rsa.c signkey.c svr-runopts.c svr-session.c
diffstat 18 files changed, 152 insertions(+), 72 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/.gitignore	Wed Jun 14 23:31:42 2017 +0800
@@ -0,0 +1,21 @@
+*~
+*.o
+*.a
+*.da
+*.bb
+*.bbg
+*.prof
+/autom4te.cache
+/config.log
+/config.status
+/dbclient
+/dropbear
+/dropbearconvert
+/dropbearkey
+/dropbearmulti
+/scp
+/scp-progress
+Makefile
+config.h
+config.h.in
+configure
--- a/CHANGES	Sun Jun 11 21:39:40 2017 +0800
+++ b/CHANGES	Wed Jun 14 23:31:42 2017 +0800
@@ -5,6 +5,7 @@
   dropbear is running with -a (Allow connections to forwarded ports from any host)
   This could potentially allow arbitrary code execution as root by an authenticated user.
   Affects versions 2013.56 to 2016.74. Thanks to Mark Shepard for reporting the crash.
+  CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c
 
 - Security: Fix information disclosure with ~/.ssh/authorized_keys symlink.
   Dropbear parsed authorized_keys as root, even if it were a symlink. The fix
@@ -16,6 +17,7 @@
   contents of that file.
   This information disclosure is to an already authenticated user.
   Thanks to Jann Horn of Google Project Zero for reporting this.
+  CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123
 
 - Generate hostkeys with dropbearkey atomically and flush to disk with fsync
   Thanks to Andrei Gherzan for a patch
--- a/cli-runopts.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/cli-runopts.c	Wed Jun 14 23:31:42 2017 +0800
@@ -106,7 +106,7 @@
 
 void cli_getopts(int argc, char ** argv) {
 	unsigned int i, j;
-	char ** next = 0;
+	char ** next = NULL;
 	enum {
 		OPT_EXTENDED_OPTIONS,
 #if DROPBEAR_CLI_PUBKEY_AUTH
--- a/cli-session.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/cli-session.c	Wed Jun 14 23:31:42 2017 +0800
@@ -81,7 +81,7 @@
 	{SSH_MSG_REQUEST_SUCCESS, ignore_recv_response},
 	{SSH_MSG_REQUEST_FAILURE, ignore_recv_response},
 #endif
-	{0, 0} /* End */
+	{0, NULL} /* End */
 };
 
 static const struct ChanType *cli_chantypes[] = {
@@ -287,7 +287,7 @@
 				int devnull;
 				/* keeping stdin open steals input from the terminal and
 				   is confusing, though stdout/stderr could be useful. */
-				devnull = open(_PATH_DEVNULL, O_RDONLY);
+				devnull = open(DROPBEAR_PATH_DEVNULL, O_RDONLY);
 				if (devnull < 0) {
 					dropbear_exit("Opening /dev/null: %d %s",
 							errno, strerror(errno));
--- a/common-kex.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/common-kex.c	Wed Jun 14 23:31:42 2017 +0800
@@ -782,7 +782,7 @@
 	hash_desc->done(&hs, buf_getwriteptr(ses.hash, hash_desc->hashsize));
 	buf_setlen(ses.hash, hash_desc->hashsize);
 
-#if (DEBUG_KEXHASH) && (DEBUG_TRACE)
+#if defined(DEBUG_KEXHASH) && DEBUG_TRACE
 	if (!debug_trace) {
 		printhex("kexhashbuf", ses.kexhashbuf->data, ses.kexhashbuf->len);
 		printhex("kexhash", ses.hash->data, ses.hash->len);
--- a/compat.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/compat.c	Wed Jun 14 23:31:42 2017 +0800
@@ -174,7 +174,7 @@
 	if (!nochdir)
 		(void)chdir("/");
 
-	if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+	if (!noclose && (fd = open(DROPBEAR_PATH_DEVNULL, O_RDWR, 0)) != -1) {
 		(void)dup2(fd, STDIN_FILENO);
 		(void)dup2(fd, STDOUT_FILENO);
 		(void)dup2(fd, STDERR_FILENO);
--- a/configure.ac	Sun Jun 11 21:39:40 2017 +0800
+++ b/configure.ac	Wed Jun 14 23:31:42 2017 +0800
@@ -45,8 +45,8 @@
 	sol2ver=`echo "$host"| sed -e 's/.*[[0-9]]\.//'`
 	if test "$sol2ver" -ge 8; then
 		AC_MSG_RESULT(yes)
-		AC_DEFINE(DISABLE_UTMP,,Disable utmp)
-		AC_DEFINE(DISABLE_WTMP,,Disable wtmp)
+		AC_DEFINE(DISABLE_UTMP,1,Disable utmp)
+		AC_DEFINE(DISABLE_WTMP,1,Disable wtmp)
 	else
 		AC_MSG_RESULT(no)
 	fi
@@ -55,18 +55,18 @@
 	;;
 
 *-*-aix*)
-	AC_DEFINE(AIX,,Using AIX)
+	AC_DEFINE(AIX,1,Using AIX)
 	# OpenSSH thinks it's broken. If it isn't, let me know.
-	AC_DEFINE(BROKEN_GETADDRINFO,,Broken getaddrinfo)
+	AC_DEFINE(BROKEN_GETADDRINFO,1,Broken getaddrinfo)
 	;;
 	
 *-*-hpux*)
 	LIBS="$LIBS -lsec"
 	# It's probably broken.
-	AC_DEFINE(BROKEN_GETADDRINFO,,Broken getaddrinfo)
+	AC_DEFINE(BROKEN_GETADDRINFO,1,Broken getaddrinfo)
 	;;
 *-dec-osf*)
-	AC_DEFINE(BROKEN_GETADDRINFO,,Broken getaddrinfo)
+	AC_DEFINE(BROKEN_GETADDRINFO,1,Broken getaddrinfo)
 	;;
 esac
 
@@ -80,7 +80,7 @@
 	[
 	no_loginfunc_check=1
 	AC_MSG_NOTICE([Using uClibc - login() and logout() probably don't work, so we won't use them.])
-	],,,)
+	],,)
 
 dnl We test for crypt() specially. On Linux (and others?) it resides in libcrypt
 dnl but we don't want link all binaries to -lcrypt, just dropbear server.
@@ -118,7 +118,7 @@
 	[  --disable-zlib          Don't include zlib support],
 	[
 		if test "x$enableval" = "xno"; then
-			AC_DEFINE(DISABLE_ZLIB,, Use zlib)
+			AC_DEFINE(DISABLE_ZLIB,1,Use zlib)
 			AC_MSG_NOTICE(Disabling zlib)
 		else
 			AC_CHECK_LIB(z, deflate, , AC_MSG_ERROR([*** zlib missing - install first or check config.log ***]))
@@ -159,13 +159,13 @@
 			AC_MSG_NOTICE(Enabling PAM)
 			AC_CHECK_FUNCS(pam_fail_delay)
 		else
-			AC_DEFINE(DISABLE_PAM,, Use PAM)
+			AC_DEFINE(DISABLE_PAM,1,Use PAM)
 			AC_MSG_NOTICE(Disabling PAM)
 		fi
 	],
 	[
 		# disable it by default
-		AC_DEFINE(DISABLE_PAM,, Use PAM)
+		AC_DEFINE(DISABLE_PAM,1,Use PAM)
 		AC_MSG_NOTICE(Disabling PAM)
 	]
 )
@@ -177,7 +177,7 @@
 			AC_MSG_NOTICE(Not using openpty)
 		else
 			AC_MSG_NOTICE(Using openpty if available)
-			AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,,Have openpty() function)])
+			AC_SEARCH_LIBS(openpty, util, [AC_DEFINE(HAVE_OPENPTY,1,[Have openpty() function])])
 		fi
 	],
 	[
@@ -191,7 +191,7 @@
 	[  --disable-syslog        Don't include syslog support],
 	[
 		if test "x$enableval" = "xno"; then
-			AC_DEFINE(DISABLE_SYSLOG,, Using syslog)
+			AC_DEFINE(DISABLE_SYSLOG,1,Using syslog)
 			AC_MSG_NOTICE(Disabling syslog)
 		else
 			AC_MSG_NOTICE(Enabling syslog)
@@ -308,7 +308,7 @@
 	)
 ])
 if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
-	AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6,,Have struct sockaddr_in6)
+	AC_DEFINE(HAVE_STRUCT_SOCKADDR_IN6,1,Have struct sockaddr_in6)
 fi
 
 AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [
@@ -322,7 +322,7 @@
 	)
 ])
 if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
-	AC_DEFINE(HAVE_STRUCT_IN6_ADDR,,Have struct in6_addr)
+	AC_DEFINE(HAVE_STRUCT_IN6_ADDR,1,Have struct in6_addr)
 fi
 
 AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [
@@ -337,7 +337,7 @@
 	)
 ])
 if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
-	AC_DEFINE(HAVE_STRUCT_ADDRINFO,,Have struct addrinfo)
+	AC_DEFINE(HAVE_STRUCT_ADDRINFO,1,Have struct addrinfo)
 fi
 
 
@@ -401,21 +401,21 @@
 			AC_MSG_NOTICE(Forcing bundled libtom*)
 		else
 			BUNDLED_LIBTOM=0
-			AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="$LIBTOM_LIBS -ltommath", 
+			AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="-ltommath $LIBTOM_LIBS",
 				[AC_MSG_ERROR([Missing system libtommath and --disable-bundled-libtom was specified])] )
-			AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="$LIBTOM_LIBS -ltomcrypt", 
+			AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="-ltomcrypt $LIBTOM_LIBS",
 				[AC_MSG_ERROR([Missing system libtomcrypt and --disable-bundled-libtom was specified])] )
 		fi
 	],
 	[
 		BUNDLED_LIBTOM=0
-		AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="$LIBTOM_LIBS -ltommath", BUNDLED_LIBTOM=1)
-		AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="$LIBTOM_LIBS -ltomcrypt", BUNDLED_LIBTOM=1)
+		AC_CHECK_LIB(tommath, mp_exptmod, LIBTOM_LIBS="-ltommath $LIBTOM_LIBS", BUNDLED_LIBTOM=1)
+		AC_CHECK_LIB(tomcrypt, register_cipher, LIBTOM_LIBS="-ltomcrypt $LIBTOM_LIBS", BUNDLED_LIBTOM=1)
 	]
 )
 
 if test $BUNDLED_LIBTOM = 1 ; then
-	AC_DEFINE(BUNDLED_LIBTOM,,Use bundled libtom) 
+	AC_DEFINE(BUNDLED_LIBTOM,1,Use bundled libtom) 
 fi
 
 AC_SUBST(LIBTOM_LIBS)
@@ -426,36 +426,64 @@
 dnl allow user to disable some login recording features
 AC_ARG_ENABLE(lastlog,
 	[  --disable-lastlog       Disable use of lastlog even if detected [no]],
-	[ AC_DEFINE(DISABLE_LASTLOG,,Disable use of lastlog()) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_LASTLOG,1,Disable use of lastlog())
+		fi
+	]
 )
 AC_ARG_ENABLE(utmp,
 	[  --disable-utmp          Disable use of utmp even if detected [no]],
-	[ AC_DEFINE(DISABLE_UTMP,,Disable use of utmp) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_UTMP,1,Disable use of utmp)
+		fi
+	]
 )
 AC_ARG_ENABLE(utmpx,
 	[  --disable-utmpx         Disable use of utmpx even if detected [no]],
-	[ AC_DEFINE(DISABLE_UTMPX,,Disable use of utmpx) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_UTMPX,1,Disable use of utmpx)
+		fi
+	]
 )
 AC_ARG_ENABLE(wtmp,
 	[  --disable-wtmp          Disable use of wtmp even if detected [no]],
-	[ AC_DEFINE(DISABLE_WTMP,,Disable use of wtmp) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_WTMP,1,Disable use of wtmp)
+		fi
+	]
 )
 AC_ARG_ENABLE(wtmpx,
 	[  --disable-wtmpx         Disable use of wtmpx even if detected [no]],
-	[ AC_DEFINE(DISABLE_WTMPX,,Disable use of wtmpx) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_WTMPX,1,Disable use of wtmpx)
+		fi
+	]
 )
 AC_ARG_ENABLE(loginfunc,
 	[  --disable-loginfunc     Disable use of login() etc. [no]],
 	[ no_loginfunc_check=1
-	AC_MSG_NOTICE(Not using login() etc) ]
+	AC_MSG_NOTICE([Not using login() etc]) ]
 )
 AC_ARG_ENABLE(pututline,
 	[  --disable-pututline     Disable use of pututline() etc. ([uw]tmp) [no]],
-	[ AC_DEFINE(DISABLE_PUTUTLINE,,Disable use of pututline()) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_PUTUTLINE,1,Disable use of pututline())
+		fi
+	]
 )
 AC_ARG_ENABLE(pututxline,
 	[  --disable-pututxline    Disable use of pututxline() etc. ([uw]tmpx) [no]],
-	[ AC_DEFINE(DISABLE_PUTUTXLINE,,Disable use of pututxline()) ]
+	[
+		if test "x$enableval" = "xno" ; then
+			AC_DEFINE(DISABLE_PUTUTXLINE,1,Disable use of pututxline())
+		fi
+	]
 )
 AC_ARG_WITH(lastlog,
   [  --with-lastlog=FILE|DIR specify lastlog location [common locations]],
@@ -470,7 +498,7 @@
 
 if test -z "$no_loginfunc_check"; then
 	dnl    Checks for libutil functions (login(), logout() etc, not openpty() )
-	AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN,,Have login() function)])
+	AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN,1,[Have login() function])])
 	AC_CHECK_FUNCS(logout updwtmp logwtmp)
 fi
 
@@ -666,7 +694,7 @@
 if test -z "$no_ptmx_check" ; then
 	if test x"$cross_compiling" = x"no" ; then
 		if test -e /dev/ptmx ; then
-			AC_DEFINE(USE_DEV_PTMX,,Use /dev/ptmx)
+			AC_DEFINE(USE_DEV_PTMX,1,Use /dev/ptmx)
 		fi
 	else
 		AC_MSG_NOTICE([Not checking for /dev/ptmx, we're cross-compiling])
@@ -676,7 +704,7 @@
 if test -z "$no_ptc_check" ; then
 	if test x"$cross_compiling" = x"no" ; then
 		if test -e /dev/ptc ; then
-			AC_DEFINE(HAVE_DEV_PTS_AND_PTC,,Use /dev/ptc & /dev/pts)
+			AC_DEFINE(HAVE_DEV_PTS_AND_PTC,1,Use /dev/ptc & /dev/pts)
 		fi
 	else
 		AC_MSG_NOTICE([Not checking for /dev/ptc & /dev/pts since we're cross-compiling])
--- a/dbrandom.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/dbrandom.c	Wed Jun 14 23:31:42 2017 +0800
@@ -59,7 +59,7 @@
 	unsigned int readcount;
 	int ret = DROPBEAR_FAILURE;
 
-#if DROPBEAR_PRNGD_SOCKET
+#ifdef DROPBEAR_PRNGD_SOCKET
 	if (prngd)
 	{
 		readfd = connect_unix(filename);
@@ -107,7 +107,7 @@
 			wantread = MIN(sizeof(readbuf), len-readcount);
 		}
 
-#if DROPBEAR_PRNGD_SOCKET
+#ifdef DROPBEAR_PRNGD_SOCKET
 		if (prngd)
 		{
 			char egdcmd[2];
@@ -215,7 +215,7 @@
 	/* existing state */
 	sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
 
-#if DROPBEAR_PRNGD_SOCKET
+#ifdef DROPBEAR_PRNGD_SOCKET
 	if (process_file(&hs, DROPBEAR_PRNGD_SOCKET, INIT_SEED_SIZE, 1) 
 			!= DROPBEAR_SUCCESS) {
 		dropbear_exit("Failure reading random device %s", 
--- a/dropbearkey.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/dropbearkey.c	Wed Jun 14 23:31:42 2017 +0800
@@ -134,7 +134,7 @@
 #endif
 
 	int i;
-	char ** next = 0;
+	char ** next = NULL;
 	char * filename = NULL;
 	enum signkey_type keytype = DROPBEAR_SIGNKEY_NONE;
 	char * typetext = NULL;
--- a/dss.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/dss.c	Wed Jun 14 23:31:42 2017 +0800
@@ -181,6 +181,10 @@
 		TRACE(("verify failed, s' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, s' <= 0"))
+		goto out;
+	}
 	/* let val2 = w = (s')^-1 mod q*/
 	if (mp_invmod(&val1, key->q, &val2) != MP_OKAY) {
 		goto out;
@@ -202,6 +206,10 @@
 		TRACE(("verify failed, r' >= q"))
 		goto out;
 	}
+	if (mp_cmp_d(&val1, 0) != MP_GT) {
+		TRACE(("verify failed, r' <= 0"))
+		goto out;
+	}
 	/* let val4 = u2 = ((r')w) mod q */
 	if (mp_mulmod(&val1, &val2, key->q, &val4) != MP_OKAY) {
 		goto out;
--- a/keyimport.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/keyimport.c	Wed Jun 14 23:31:42 2017 +0800
@@ -694,7 +694,7 @@
 							  &id, &len, &flags);
 		p += ret;
 		/* id==4 for octet string */
-				if (ret < 0 || id != 4 || len < 0 ||
+		if (ret < 0 || id != 4 || len < 0 ||
 			key->keyblob+key->keyblob_len-p < len) {
 			errmsg = "ASN.1 decoding failure";
 			goto error;
@@ -708,7 +708,7 @@
 							  &id, &len, &flags);
 		p += ret;
 		/* id==0 */
-				if (ret < 0 || id != 0 || len < 0) {
+		if (ret < 0 || id != 0 || len < 0) {
 			errmsg = "ASN.1 decoding failure";
 			goto error;
 		}
@@ -717,7 +717,7 @@
 							  &id, &len, &flags);
 		p += ret;
 		/* id==6 for object */
-				if (ret < 0 || id != 6 || len < 0 ||
+		if (ret < 0 || id != 6 || len < 0 ||
 			key->keyblob+key->keyblob_len-p < len) {
 			errmsg = "ASN.1 decoding failure";
 			goto error;
@@ -756,7 +756,7 @@
 							  &id, &len, &flags);
 		p += ret;
 		/* id==1 */
-				if (ret < 0 || id != 1 || len < 0) {
+		if (ret < 0 || id != 1 || len < 0) {
 			errmsg = "ASN.1 decoding failure";
 			goto error;
 		}
@@ -765,7 +765,7 @@
 							  &id, &len, &flags);
 		p += ret;
 		/* id==3 for bit string */
-				if (ret < 0 || id != 3 || len < 0 ||
+		if (ret < 0 || id != 3 || len < 0 ||
 			key->keyblob+key->keyblob_len-p < len) {
 			errmsg = "ASN.1 decoding failure";
 			goto error;
--- a/libtommath/bn_mp_exteuclid.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/libtommath/bn_mp_exteuclid.c	Wed Jun 14 23:31:42 2017 +0800
@@ -29,34 +29,34 @@
 
    /* initialize, (u1,u2,u3) = (1,0,a) */
    mp_set(&u1, 1);
-   if ((err = mp_copy(a, &u3)) != MP_OKAY)                                        { goto _ERR; }
+   if ((err = mp_copy(a, &u3)) != MP_OKAY)                                        { goto LBL_ERR; }
 
    /* initialize, (v1,v2,v3) = (0,1,b) */
    mp_set(&v2, 1);
-   if ((err = mp_copy(b, &v3)) != MP_OKAY)                                        { goto _ERR; }
+   if ((err = mp_copy(b, &v3)) != MP_OKAY)                                        { goto LBL_ERR; }
 
    /* loop while v3 != 0 */
    while (mp_iszero(&v3) == MP_NO) {
        /* q = u3/v3 */
-       if ((err = mp_div(&u3, &v3, &q, NULL)) != MP_OKAY)                         { goto _ERR; }
+       if ((err = mp_div(&u3, &v3, &q, NULL)) != MP_OKAY)                         { goto LBL_ERR; }
 
        /* (t1,t2,t3) = (u1,u2,u3) - (v1,v2,v3)q */
-       if ((err = mp_mul(&v1, &q, &tmp)) != MP_OKAY)                              { goto _ERR; }
-       if ((err = mp_sub(&u1, &tmp, &t1)) != MP_OKAY)                             { goto _ERR; }
-       if ((err = mp_mul(&v2, &q, &tmp)) != MP_OKAY)                              { goto _ERR; }
-       if ((err = mp_sub(&u2, &tmp, &t2)) != MP_OKAY)                             { goto _ERR; }
-       if ((err = mp_mul(&v3, &q, &tmp)) != MP_OKAY)                              { goto _ERR; }
-       if ((err = mp_sub(&u3, &tmp, &t3)) != MP_OKAY)                             { goto _ERR; }
+       if ((err = mp_mul(&v1, &q, &tmp)) != MP_OKAY)                              { goto LBL_ERR; }
+       if ((err = mp_sub(&u1, &tmp, &t1)) != MP_OKAY)                             { goto LBL_ERR; }
+       if ((err = mp_mul(&v2, &q, &tmp)) != MP_OKAY)                              { goto LBL_ERR; }
+       if ((err = mp_sub(&u2, &tmp, &t2)) != MP_OKAY)                             { goto LBL_ERR; }
+       if ((err = mp_mul(&v3, &q, &tmp)) != MP_OKAY)                              { goto LBL_ERR; }
+       if ((err = mp_sub(&u3, &tmp, &t3)) != MP_OKAY)                             { goto LBL_ERR; }
 
        /* (u1,u2,u3) = (v1,v2,v3) */
-       if ((err = mp_copy(&v1, &u1)) != MP_OKAY)                                  { goto _ERR; }
-       if ((err = mp_copy(&v2, &u2)) != MP_OKAY)                                  { goto _ERR; }
-       if ((err = mp_copy(&v3, &u3)) != MP_OKAY)                                  { goto _ERR; }
+       if ((err = mp_copy(&v1, &u1)) != MP_OKAY)                                  { goto LBL_ERR; }
+       if ((err = mp_copy(&v2, &u2)) != MP_OKAY)                                  { goto LBL_ERR; }
+       if ((err = mp_copy(&v3, &u3)) != MP_OKAY)                                  { goto LBL_ERR; }
 
        /* (v1,v2,v3) = (t1,t2,t3) */
-       if ((err = mp_copy(&t1, &v1)) != MP_OKAY)                                  { goto _ERR; }
-       if ((err = mp_copy(&t2, &v2)) != MP_OKAY)                                  { goto _ERR; }
-       if ((err = mp_copy(&t3, &v3)) != MP_OKAY)                                  { goto _ERR; }
+       if ((err = mp_copy(&t1, &v1)) != MP_OKAY)                                  { goto LBL_ERR; }
+       if ((err = mp_copy(&t2, &v2)) != MP_OKAY)                                  { goto LBL_ERR; }
+       if ((err = mp_copy(&t3, &v3)) != MP_OKAY)                                  { goto LBL_ERR; }
    }
 
    /* make sure U3 >= 0 */
@@ -72,7 +72,8 @@
    if (U3 != NULL) { mp_exch(U3, &u3); }
 
    err = MP_OKAY;
-_ERR: mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL);
+LBL_ERR:
+   mp_clear_multi(&u1, &u2, &u3, &v1, &v2, &v3, &t1, &t2, &t3, &q, &tmp, NULL);
    return err;
 }
 #endif
--- a/rsa.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/rsa.c	Wed Jun 14 23:31:42 2017 +0800
@@ -324,7 +324,7 @@
 	buf_incrwritepos(buf, ssize);
 	mp_clear(&rsa_s);
 
-#if defined(DEBUG_RSA) && defined(DEBUG_TRACE)
+#if defined(DEBUG_RSA) && DEBUG_TRACE
 	if (!debug_trace) {
 		printhex("RSA sig", buf->data, buf->len);
 	}
--- a/scpmisc.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/scpmisc.c	Wed Jun 14 23:31:42 2017 +0800
@@ -235,7 +235,7 @@
 {
 	int nullfd, dupfd;
 
-	if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
+	if ((nullfd = dupfd = open(DROPBEAR_PATH_DEVNULL, O_RDWR)) == -1) {
 		fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
 		exit(1);
 	}
--- a/svr-runopts.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/svr-runopts.c	Wed Jun 14 23:31:42 2017 +0800
@@ -114,7 +114,7 @@
 void svr_getopts(int argc, char ** argv) {
 
 	unsigned int i, j;
-	char ** next = 0;
+	char ** next = NULL;
 	int nextisport = 0;
 	char* recv_window_arg = NULL;
 	char* keepalive_arg = NULL;
@@ -289,7 +289,7 @@
 			if (*next == NULL) {
 				dropbear_exit("Invalid null argument");
 			}
-			next = 0x00;
+			next = NULL;
 
 			if (keyfile) {
 				addhostkey(keyfile);
--- a/svr-session.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/svr-session.c	Wed Jun 14 23:31:42 2017 +0800
@@ -67,7 +67,7 @@
 	{SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
 	{SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
 #endif
-	{0, 0} /* End */
+	{0, NULL} /* End */
 };
 
 static const struct ChanType *svr_chantypes[] = {
--- a/tcp-accept.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/tcp-accept.c	Wed Jun 14 23:31:42 2017 +0800
@@ -55,19 +55,19 @@
 static void tcp_acceptor(struct Listener *listener, int sock) {
 
 	int fd;
-	struct sockaddr_storage addr;
+	struct sockaddr_storage sa;
 	socklen_t len;
 	char ipstring[NI_MAXHOST], portstring[NI_MAXSERV];
 	struct TCPListener *tcpinfo = (struct TCPListener*)(listener->typedata);
 
-	len = sizeof(addr);
+	len = sizeof(sa);
 
-	fd = accept(sock, (struct sockaddr*)&addr, &len);
+	fd = accept(sock, (struct sockaddr*)&sa, &len);
 	if (fd < 0) {
 		return;
 	}
 
-	if (getnameinfo((struct sockaddr*)&addr, len, ipstring, sizeof(ipstring),
+	if (getnameinfo((struct sockaddr*)&sa, len, ipstring, sizeof(ipstring),
 				portstring, sizeof(portstring), 
 				NI_NUMERICHOST | NI_NUMERICSERV) != 0) {
 		m_close(fd);
--- a/termcodes.c	Sun Jun 11 21:39:40 2017 +0800
+++ b/termcodes.c	Wed Jun 14 23:31:42 2017 +0800
@@ -34,7 +34,11 @@
 		{VKILL, TERMCODE_CONTROLCHAR},
 		{VEOF, TERMCODE_CONTROLCHAR},
 		{VEOL, TERMCODE_CONTROLCHAR},
+#ifdef VEOL2
 		{VEOL2, TERMCODE_CONTROLCHAR},
+#else
+		{0, 0},
+#endif
 		{VSTART, TERMCODE_CONTROLCHAR},
 		{VSTOP, TERMCODE_CONTROLCHAR},
 		{VSUSP, TERMCODE_CONTROLCHAR},
@@ -51,17 +55,25 @@
 #ifdef AIX
 		{CERASE, TERMCODE_CONTROLCHAR},
 #else
+#ifdef VWERASE
 		{VWERASE, TERMCODE_CONTROLCHAR},
+#else
+		{0, 0},
+#endif
 #endif
+#ifdef VLNEXT
 		{VLNEXT, TERMCODE_CONTROLCHAR},
+#else
+		{0, 0},
+#endif
 #ifdef VFLUSH
 		{VFLUSH, TERMCODE_CONTROLCHAR},
-#else	
+#else
 		{0, 0},
 #endif
 #ifdef VSWTCH
 		{VSWTCH, TERMCODE_CONTROLCHAR},
-#else	
+#else
 		{0, 0},
 #endif
 #ifdef VSTATUS
@@ -135,8 +147,16 @@
 		{NOFLSH, TERMCODE_LOCAL},
 		{TOSTOP, TERMCODE_LOCAL},
 		{IEXTEN, TERMCODE_LOCAL},
+#ifdef ECHOCTL
 		{ECHOCTL, TERMCODE_LOCAL},
+#else
+		{0, 0},
+#endif
+#ifdef ECHOKE
 		{ECHOKE, TERMCODE_LOCAL},
+#else
+		{0, 0},
+#endif
 #ifdef PENDIN
 		{PENDIN, TERMCODE_LOCAL},
 #else