diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-09-14 17:28:41 +0300 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-09-14 17:28:41 +0300 |
commit | 0fa88fdcfec1ee4cfc8f9d1708803521d546c574 (patch) | |
tree | bae312e5a4e5d24790caf567a3fc29d5c4a8ac51 /src | |
parent | 49ae226b909361848d4ae1bea4e75d553e76a885 (diff) | |
download | libssh-0fa88fdcfec1ee4cfc8f9d1708803521d546c574.tar.gz libssh-0fa88fdcfec1ee4cfc8f9d1708803521d546c574.tar.xz libssh-0fa88fdcfec1ee4cfc8f9d1708803521d546c574.zip |
Auth: fix possible off-by-one
No security impact, only triggable by specific API call
Diffstat (limited to 'src')
-rw-r--r-- | src/auth.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -2004,7 +2004,7 @@ const char *ssh_userauth_kbdint_getanswer(ssh_session session, unsigned int i) { || session->kbdint->answers == NULL) { return NULL; } - if (i > session->kbdint->nanswers) { + if (i >= session->kbdint->nanswers) { return NULL; } @@ -2031,7 +2031,7 @@ int ssh_userauth_kbdint_setanswer(ssh_session session, unsigned int i, if (session == NULL) return -1; if (answer == NULL || session->kbdint == NULL || - i > session->kbdint->nprompts) { + i >= session->kbdint->nprompts) { ssh_set_error_invalid(session, __FUNCTION__); return -1; } |