AJ-5491854-fix_unsafe_usage_of_getpwuid.patch   [plain text]

diff -ru ../openssh-4.5p1.old/ssh-add.c ./ssh-add.c
--- ../openssh-4.5p1.old/ssh-add.c	2006-08-31 22:38:37.000000000 -0700
+++ ./ssh-add.c	2007-09-21 13:11:56.000000000 -0700
@@ -402,6 +402,7 @@
 	if (argc == 0) {
 		char buf[MAXPATHLEN];
 		struct passwd *pw;
+		char *pw_dir;
 		struct stat st;
 		int count = 0;
 
@@ -412,8 +413,10 @@
 			goto done;
 		}
 
+		pw_dir = xstrdup(pw->pw_dir);
+
 		for (i = 0; default_files[i]; i++) {
-			snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir,
+			snprintf(buf, sizeof(buf), "%s/%s", pw_dir,
 			    default_files[i]);
 			if (stat(buf, &st) < 0)
 				continue;
@@ -424,6 +427,8 @@
 		}
 		if (count == 0)
 			ret = 1;
+
+		xfree(pw_dir);
 	} else {
 		for (i = 0; i < argc; i++) {
 			if (do_file(ac, deleting, argv[i]) == -1)