unsigned len = portp - host;
if (len >= sizeof(cfg->ssh_nc_host))
len = sizeof(cfg->ssh_nc_host) - 1;
- strncpy(cfg->ssh_nc_host, value, len);
- cfg->ssh_nc_host[sizeof(cfg->ssh_nc_host) - 1] = '\0';
+ memcpy(cfg->ssh_nc_host, value, len);
+ cfg->ssh_nc_host[len] = '\0';
cfg->ssh_nc_port = atoi(portp+1);
} else {
cmdline_error("-nc expects argument of form 'host:port'");
/* We delay evaluating this until after the protocol is decided,
* so that we can warn if it's of no use with the selected protocol */
if (cfg->protocol != PROT_SSH)
- cmdline_error("The -pw option can only be used with the "
+ cmdline_error("the -pw option can only be used with the "
"SSH protocol");
- else
- cmdline_password = value;
+ else {
+ cmdline_password = dupstr(value);
+ /* Assuming that `value' is directly from argv, make a good faith
+ * attempt to trample it, to stop it showing up in `ps' output
+ * on Unix-like systems. Not guaranteed, of course. */
+ memset(value, 0, strlen(value));
+ }
}
if (!strcmp(p, "-agent") || !strcmp(p, "-pagent") ||
if (!strcmp(p, "-t")) {
RETURN(1);
UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
- SAVEABLE(0);
+ SAVEABLE(1); /* lower priority than -m */
cfg->nopty = 0;
}
if (!strcmp(p, "-T")) {
RETURN(1);
UNAVAILABLE_IN(TOOLTYPE_FILETRANSFER | TOOLTYPE_NONNETWORK);
- SAVEABLE(0);
+ SAVEABLE(1);
cfg->nopty = 1;
}