From: dtucker@openbsd.org <dtucker@openbsd.org>
Date: Sun, 27 Aug 2017 00:38:41 +0000 (+0000)
Subject: upstream commit
X-Git-Tag: V_7_6_P1~46
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a54eb27dd64b5eca3ba94e15cec3535124bd5029;p=thirdparty%2Fopenssh-portable.git

upstream commit

Increase the buffer sizes for user prompts to ensure that
they won't be truncated by snprintf.  Based on patch from cjwatson at
debian.org via bz#2768, ok djm@

Upstream-ID: 6ffacf1abec8f40b469de5b94bfb29997d96af3e
---

diff --git a/sshconnect2.c b/sshconnect2.c
index 0638818fd..be9397e48 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.265 2017/08/11 04:47:12 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.266 2017/08/27 00:38:41 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -895,7 +895,7 @@ int
 userauth_passwd(Authctxt *authctxt)
 {
 	static int attempt = 0;
-	char prompt[150];
+	char prompt[256];
 	char *password;
 	const char *host = options.host_key_alias ?  options.host_key_alias :
 	    authctxt->host;
@@ -935,7 +935,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, struct ssh *ssh)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	char *info, *lang, *password = NULL, *retype = NULL;
-	char prompt[150];
+	char prompt[256];
 	const char *host;
 
 	debug2("input_userauth_passwd_changereq");