From: djm@openbsd.org <djm@openbsd.org>
Date: Fri, 11 Dec 2015 03:19:09 +0000 (+0000)
Subject: upstream commit
X-Git-Tag: V_7_2_P1~67
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cce6a36bb95e81fa8bfb46daf22eabcf13afc352;p=thirdparty%2Fopenssh-portable.git

upstream commit

use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
 reading key files. Increase it to match the size of the buffers already being
 used.

Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
---

diff --git a/ssh-keygen.c b/ssh-keygen.c
index ff3f710de..c3ec4f882 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.286 2015/12/11 02:31:47 mmcc Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.287 2015/12/11 03:19:09 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -880,7 +880,7 @@ do_fingerprint(struct passwd *pw)
 {
 	FILE *f;
 	struct sshkey *public = NULL;
-	char *comment = NULL, *cp, *ep, line[16*1024];
+	char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
 	int i, invalid = 1;
 	const char *path;
 	long int lnum = 0;
@@ -1918,7 +1918,7 @@ do_show_cert(struct passwd *pw)
 	struct stat st;
 	int r, is_stdin = 0, ok = 0;
 	FILE *f;
-	char *cp, line[2048];
+	char *cp, line[SSH_MAX_PUBKEY_BYTES];
 	const char *path;
 	long int lnum = 0;
 
diff --git a/ssh.h b/ssh.h
index 80eaeb3ed..50467a792 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.h,v 1.82 2015/09/24 06:15:11 djm Exp $ */
+/* $OpenBSD: ssh.h,v 1.83 2015/12/11 03:19:09 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -35,7 +35,7 @@
  * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
  * some room for options and comments.
  */
-#define SSH_MAX_PUBKEY_BYTES		8192
+#define SSH_MAX_PUBKEY_BYTES		16384
 
 /*
  * Major protocol version.  Different version indicates major incompatibility