X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/2bc6a386c828835b75509281029b1b677f6725dc..2d466ffd08675d26db45e524c2fe6a8cf4628e2b:/ssh.c diff --git a/ssh.c b/ssh.c index 881919c7..45354884 100644 --- a/ssh.c +++ b/ssh.c @@ -1322,7 +1322,7 @@ static void ssh_detect_bugs(char *vstring) static int do_ssh_init(unsigned char c) { - static char vslen; + static int vslen; static char version[10]; static char *vstring; static int vstrsize; @@ -1574,15 +1574,16 @@ static char *connect_to_host(char *host, int port, char **realhost) */ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) { - int i, j, len; - unsigned char *rsabuf, *keystr1, *keystr2; + int i, j; + static int len; + static unsigned char *rsabuf, *keystr1, *keystr2; unsigned char cookie[8]; struct RSAKey servkey, hostkey; struct MD5Context md5c; static unsigned long supported_ciphers_mask, supported_auths_mask; static int tried_publickey; static unsigned char session_id[16]; - int cipher_type; + static int cipher_type; static char username[100]; crBegin; @@ -1783,7 +1784,8 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) break; default: if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) && pos < 40) { + ((unsigned char) c >= 160)) + && pos < sizeof(username)-1) { username[pos++] = c; c_write(&c, 1); } @@ -1883,6 +1885,7 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) ssh1_read_bignum(pktin.body, &challenge); { char *agentreq, *q, *ret; + void *vret; int len, retlen; len = 1 + 4; /* message type, bit count */ len += ssh1_bignum_length(key.exponent); @@ -1902,7 +1905,8 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) memcpy(q, session_id, 16); q += 16; PUT_32BIT(q, 1); /* response format */ - agent_query(agentreq, len + 4, &ret, &retlen); + agent_query(agentreq, len + 4, &vret, &retlen); + ret = vret; sfree(agentreq); if (ret) { if (ret[4] == SSH1_AGENT_RSA_RESPONSE) { @@ -2053,9 +2057,7 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) exit(0); break; default: - if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) - && pos < sizeof(password)) + if (pos < sizeof(password)-1) password[pos++] = c; break; } @@ -3086,8 +3088,6 @@ static void ssh2_try_send(struct ssh_channel *c) */ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) { - static unsigned long remote_winsize; - static unsigned long remote_maxpkt; static enum { AUTH_INVALID, AUTH_PUBLICKEY_AGENT, AUTH_PUBLICKEY_FILE, AUTH_PASSWORD @@ -3197,7 +3197,8 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) break; default: if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) && pos < 40) { + ((unsigned char) c >= 160)) + && pos < sizeof(username)-1) { username[pos++] = c; c_write(&c, 1); } @@ -3366,6 +3367,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) static int pklen, alglen, commentlen; static int siglen, retlen, len; static char *q, *agentreq, *ret; + void *vret; { char buf[64]; @@ -3444,7 +3446,8 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) q += pktout.length - 5; /* And finally the (zero) flags word. */ PUT_32BIT(q, 0); - agent_query(agentreq, len + 4, &ret, &retlen); + agent_query(agentreq, len + 4, &vret, &retlen); + ret = vret; sfree(agentreq); if (ret) { if (ret[4] == SSH2_AGENT_SIGN_RESPONSE) { @@ -3582,9 +3585,7 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt) exit(0); break; default: - if (((c >= ' ' && c <= '~') || - ((unsigned char) c >= 160)) - && pos < 40) + if (pos < sizeof(password)-1) password[pos++] = c; break; }