diff options
author | Damien Miller <djm@mindrot.org> | 1999-11-13 13:22:46 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-13 13:22:46 +1100 |
commit | a2d6efe013e175f408733970803d535908554297 (patch) | |
tree | 548da62665e66ab5fa62d14299593b36d585a3c8 /bufaux.c | |
parent | 38c608862b5143a4cda472d11d70c1f8c44601f3 (diff) | |
download | openssh-git-a2d6efe013e175f408733970803d535908554297.tar.gz |
- Merged OpenBSD CVS changes:
- [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
- [scp.c] fix overflow reported by damien@ibs.com.au: off_t
totalsize, ok niels,aaron
Diffstat (limited to 'bufaux.c')
-rw-r--r-- | bufaux.c | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -15,7 +15,7 @@ Buffers. */ #include "includes.h" -RCSID("$Id: bufaux.c,v 1.4 1999/11/12 23:51:58 damien Exp $"); +RCSID("$Id: bufaux.c,v 1.5 1999/11/13 02:22:46 damien Exp $"); #include "ssh.h" @@ -71,10 +71,11 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value) bits = GET_16BIT(buf); /* Compute the number of binary bytes that follow. */ bytes = (bits + 7) / 8; - bin = xmalloc(bytes); - buffer_get(buffer, bin, bytes); + if (buffer_len(buffer) < bytes) + fatal("buffer_get_bignum: input buffer too small"); + bin = buffer_ptr(buffer); BN_bin2bn(bin, bytes, value); - xfree(bin); + buffer_consume(buffer, bytes); return 2 + bytes; } |