simon-svn: putty: simon
Commits to Tartarus CVS repository.
tartarus-commits at lists.tartarus.org
Sat Jan 25 15:59:05 GMT 2014
SVN root: svn://svn.tartarus.org/sgt
Changes by: simon
Revision: 10123
Date: 2014-01-25 15:59:04 +0000 (Sat, 25 Jan 2014)
Log message (10 lines):
Fix a potential crash in ssh_setup_portfwd.
If we search for a colon by computing ptr + host_strcspn(ptr,":"),
then the resulting pointer is always non-NULL, and the 'not found'
condition is not !p but !*p.
This typo could have caused PuTTY to overrun a string, but not in a
security-bug sense because any such string would have to have been
loaded from the configuration rather than received from a hostile
source.
Modified files:
U putty/ssh.c
Links:
http://svn.tartarus.org/sgt/?rev=10123&view=rev
http://svn.tartarus.org/sgt/putty/ssh.c?rev=10123&r1=10122&r2=10123
More information about the tartarus-commits
mailing list