aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2011-01-24 17:06:50 +0100
committerAndreas Schneider <asn@cryptomilk.org>2011-01-24 17:13:35 +0100
commit1e827a8e818cf800d5574a2c2cbd97dfae243638 (patch)
treeb5fea33e80d39458d93806df2002aac71252e478 /src
parent20e637968afc897af78ca57cc1065c26ceccc38a (diff)
downloadlibssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.tar.gz
libssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.tar.xz
libssh-1e827a8e818cf800d5574a2c2cbd97dfae243638.zip
getpass: Fixed possible segfault if len is too small.
Diffstat (limited to 'src')
-rw-r--r--src/getpass.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/getpass.c b/src/getpass.c
index f0b82837..14e5933a 100644
--- a/src/getpass.c
+++ b/src/getpass.c
@@ -123,6 +123,11 @@ int ssh_getpass(const char *prompt,
DWORD mode = 0;
int ok;
+ /* fgets needs at least len - 1 */
+ if (prompt == NULL || buf == NULL || len < 2) {
+ return -1;
+ }
+
/* get stdin and mode */
h = GetStdHandle(STD_INPUT_HANDLE);
if (!GetConsoleMode(h, &mode)) {
@@ -207,6 +212,11 @@ int ssh_getpass(const char *prompt,
int ok = 0;
int fd = -1;
+ /* fgets needs at least len - 1 */
+ if (prompt == NULL || buf == NULL || len < 2) {
+ return -1;
+ }
+
ZERO_STRUCT(attr);
ZERO_STRUCT(old_attr);