I accidentally built libssh.so with an undefined HAVE_STRDUP thus causing libssh to use its built-in version of strdup. The code looks as follows:

    #ifndef HAVE_STRDUP
    char *
    strdup(const char *str)
    {
        size_t len;
        char *cp;

        len = strlen(str) + 1;
        cp = malloc(len);
        if (cp != NULL)
            if (strlcpy(cp, str, len) != len) {
                free(cp);
                return NULL;
            }
        return cp;
    }
    #endif

The above is a longer version of 'return NULL'.

Fix:
Change 'if (strlcpy(cp, str, len) != len)' -> 'if (strlcpy(cp, str, len) != (len-1))'.

How-To-Repeat:
#undef HAVE_STRDUP and build libssh.so

Hi Olavi,

OpenSSH is contributed software and FreeBSD doesn't use this part of the code, so you probably want to report this problem to the OpenSSH team (http://bugzilla.mindrot.org/).

Cheers,
Antoine

State Changed
From-To: open->closed

It sounds as though this needs to be taken up with the upstream authors.
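
The check from the report, reproduced as an added example (not part of the original PR or of OpenSSH's code): it runs the comparison against `len` and against `len - 1` over a few constructed strings. `compat_strlcpy` is a hypothetical stand-in with strlcpy(3) semantics, and `dup_checked` and `dup_ok` are illustrative names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in with strlcpy(3) semantics (not every libc ships strlcpy):
 * copies at most size-1 bytes, NUL-terminates, returns strlen(src). */
static size_t compat_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size != 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Duplicate str using the check from the report.
 * use_fix == 0: compare against len (as quoted), which never matches.
 * use_fix == 1: compare against len - 1 (the reporter's proposed fix). */
static char *dup_checked(const char *str, int use_fix)
{
    size_t len = strlen(str) + 1;
    size_t want = use_fix ? len - 1 : len; /* strlcpy returns len - 1 */
    char *cp = malloc(len);
    if (cp != NULL && compat_strlcpy(cp, str, len) != want) {
        free(cp);
        return NULL;
    }
    return cp;
}

/* Returns 1 if a duplicate was produced and equals the input. */
static int dup_ok(const char *s, int use_fix)
{
    char *copy = dup_checked(s, use_fix);
    int ok = copy != NULL && strcmp(copy, s) == 0;
    free(copy);
    return ok;
}

int main(void)
{
    const char *samples[] = { "", "ssh-rsa", "user@example.org" }; /* constructed */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("\"%s\": reported=%d fixed=%d\n", samples[i],
               dup_ok(samples[i], 0), dup_ok(samples[i], 1));
    return 0;
}
```

Callers that do not test the result of strdup for NULL would dereference a null pointer on every call with the unfixed check.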