author | Andreas Schneider <asn@cryptomilk.org> | 2011-09-08 15:27:09 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2011-09-08 15:29:05 +0200 |
commit | 55c758d0798f89e5f904cc09c272148415c235b7 (patch) | |
tree | 06433294419d32f2d85126a8fce0f45f8cccb38c | |
parent | 09da9418cc284a799e2ff5807de08dcaf5e83461 (diff) | |
auth1: Fix ssh_string usage.
-rw-r--r-- | src/auth1.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/auth1.c b/src/auth1.c
index 8b96f8ca..38828f8e 100644
--- a/src/auth1.c
+++ b/src/auth1.c
@@ -162,19 +162,21 @@ int ssh_userauth1_password(ssh_session session, const char *username,
 return SSH_AUTH_ERROR;
 }
 } else {
+ char buf[128] = {0};
 /* fill the password string from random things. the strcpy
 * ensure there is at least a nul byte after the password.
 * most implementation won't see the garbage at end.
 * why garbage ? because nul bytes will be compressed by
 * gzip and disclose password len.
 */
- pwd = ssh_string_new(128);
+ pwd = ssh_string_new(sizeof(buf));
 if (pwd == NULL) {
 leave_function();
 return SSH_AUTH_ERROR;
 }
- ssh_get_random( pwd->string, 128, 0);
- strcpy((char *) pwd->string, password);
+ ssh_get_random(buf, sizeof(buf), 0);
+ strcpy(buf, password);
+ ssh_string_fill(pwd, buf, sizeof(buf));
 }
 if (buffer_add_u8(session->out_buffer, SSH_CMSG_AUTH_PASSWORD) < 0) { |
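Review bot: After `ssh_string_fill(pwd, buf, sizeof(buf));` the cleartext password is still sitting in the stack array `buf`, and nothing in the hunk clears it before the `else` block closes; a wipe the compiler cannot elide, such as `explicit_bzero(buf, sizeof(buf));` where the platform provides it, belongs right after the fill. `strcpy(buf, password);` is only safe if the `if` that owns this `else` has already excluded passwords of `sizeof(buf)` bytes or more; that condition is outside the hunk, so it should be confirmed to use the same size rather than a separate literal 128. The return value of `ssh_string_fill` is also dropped, unlike the NULL check on `ssh_string_new` just above, so a failed fill would presumably go unnoticed. The enclosing function starts and ends outside the hunk.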