undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gpg-interface: avoid buffer overrun in parse_ssh_output()

Browse Source 
If the string "key" we found in the output of ssh-keygen happens to be
located at the very end of the line, then going four characters further
leaves us beyond the end of the string.  Explicitly search for the
space after "key" to handle a missing one gracefully.

Signed-off-by: René Scharfe <l.s.r@web.de>
Acked-by: Fabian Stelzer <fs@gigacodes.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
René Scharfe 2021-10-30 19:07:38 +02:00 committed by Junio C Hamano
parent 18b18503e3
commit 65db97b4fa
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gpg-interface.c
View File

@ -409,9 +409,9 @@ static void parse_ssh_output(struct signature_check *sigc)
goto cleanup;
}
key = strstr(line, "key");
key = strstr(line, "key ");
if (key) {
sigc->fingerprint = xstrdup(strstr(line, "key") + 4);
sigc->fingerprint = xstrdup(strstr(line, "key ") + 4);
sigc->key = xstrdup(sigc->fingerprint);
} else {
/*