Mercurial > dropbear
changeset 429:ce14fab86732 channel-fix
propagate from branch 'au.asn.ucc.matt.dropbear' (head 6cb7793493d92968e09b5dea21d71ded5811d21f)
to branch 'au.asn.ucc.matt.dropbear.channel-fix' (head 275bf5c6b71ca286c29733b9e38bac40eeb06a40)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 12 Feb 2007 13:38:18 +0000 (2007-02-12) |
parents | fd1f05639ed4 (current diff) 695413c59b6a (diff) |
children | 67689b7ceaf0 |
files | |
diffstat | 7 files changed, 12 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/cli-main.c Mon Feb 12 13:37:58 2007 +0000 +++ b/cli-main.c Mon Feb 12 13:38:18 2007 +0000 @@ -47,6 +47,8 @@ _dropbear_exit = cli_dropbear_exit; _dropbear_log = cli_dropbear_log; + disallow_core(); + cli_getopts(argc, argv); TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
--- a/dbutil.c Mon Feb 12 13:37:58 2007 +0000 +++ b/dbutil.c Mon Feb 12 13:38:18 2007 +0000 @@ -693,3 +693,9 @@ } TRACE(("leave setnonblocking")) } + +void disallow_core() { + struct rlimit lim; + lim.rlim_cur = lim.rlim_max = 0; + setrlimit(RLIMIT_CORE, &lim); +}
--- a/dbutil.h Mon Feb 12 13:37:58 2007 +0000 +++ b/dbutil.h Mon Feb 12 13:38:18 2007 +0000 @@ -63,6 +63,7 @@ void __m_free(void* ptr); void m_burn(void* data, unsigned int len); void setnonblocking(int fd); +void disallow_core(); /* Used to force mp_ints to be initialised */ #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
--- a/includes.h Mon Feb 12 13:37:58 2007 +0000 +++ b/includes.h Mon Feb 12 13:38:18 2007 +0000 @@ -38,6 +38,7 @@ #include <sys/time.h> #include <sys/un.h> #include <sys/wait.h> +#include <sys/resource.h> #include <stdio.h> #include <errno.h>
--- a/packet.c Mon Feb 12 13:37:58 2007 +0000 +++ b/packet.c Mon Feb 12 13:38:18 2007 +0000 @@ -446,10 +446,6 @@ } /* finished with payload */ - buf_burn(ses.writepayload); /* XXX This is probably a good idea, and isn't - _that_ likely to hurt performance too badly. - Buffers can have cleartext passwords etc, or - other sensitive data */ buf_setpos(ses.writepayload, 0); buf_setlen(ses.writepayload, 0);