From 85fdbe25363bae14c93ee50f4239bc500d86d324 Mon Sep 17 00:00:00 2001 From: jacob Date: Tue, 17 Aug 2004 14:08:05 +0000 Subject: [PATCH] Someone complained that their keyboard-interactive password prompt was being truncated - it was from OpenSSH on HP/UX and had all sorts of stuff in it ("last successful login" etc). Bodged it by bumping up the space allocated in the fixed array for a password prompt. Also added an indication that the prompt is being truncated, as required by draft-ietf-secsh-auth-kbdinteract-06. (NB that before this checkin, there was a more-or-less harmless buffer overread where if we ever received a keyboard-interactive prompt with echo=1, we'd probably spew goo on the terminal; fixed now.) git-svn-id: svn://svn.tartarus.org/sgt/putty@4476 cda61777-01e9-0310-a592-d414129be87e --- ssh.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/ssh.c b/ssh.c index 77bb4594..8ae552f3 100644 --- a/ssh.c +++ b/ssh.c @@ -4610,7 +4610,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) int num_prompts, curr_prompt, echo; char username[100]; int got_username; - char pwprompt[200]; + char pwprompt[512]; char password[100]; void *publickey_blob; int publickey_bloblen; @@ -5189,9 +5189,16 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt) ssh_pkt_getstring(ssh, &prompt, &prompt_len); if (prompt_len > 0) { - strncpy(s->pwprompt, prompt, sizeof(s->pwprompt)); - s->pwprompt[prompt_len < sizeof(s->pwprompt) ? - prompt_len : sizeof(s->pwprompt)-1] = '\0'; + static const char trunc[] = ": "; + static const int prlen = sizeof(s->pwprompt) - + lenof(trunc); + if (prompt_len > prlen) { + memcpy(s->pwprompt, prompt, prlen); + strcpy(s->pwprompt + prlen, trunc); + } else { + memcpy(s->pwprompt, prompt, prompt_len); + s->pwprompt[prompt_len] = '\0'; + } } else { strcpy(s->pwprompt, ": "); -- 2.11.0