From 520304af7ddd54ac97111d21f45ef37e9350c58c Mon Sep 17 00:00:00 2001
From: dtucker
Date: Tue, 28 Feb 2023 21:31:50 +0000
Subject: [PATCH] fatal out if allocating banner string fails to avoid potential null deref later in sscanf. Spotted by Coverity, ok deraadt@
---
 usr.bin/ssh/kex.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 146dec105fd..7a0bd15912c 100644
--- usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.174 2023/02/17 04:22:50 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.175 2023/02/28 21:31:50 dtucker Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
 *
@@ -1328,7 +1328,7 @@ kex_exchange_identification(struct ssh *ssh, int timeout_ms,
 }
 peer_version_string = sshbuf_dup_string(peer_version);
 if (peer_version_string == NULL)
- error_f("sshbuf_dup_string failed");
+ fatal_f("sshbuf_dup_string failed");
 /* XXX must be same size for sscanf */
 if ((remote_version = calloc(1, sshbuf_len(peer_version))) == NULL) {
 error_f("calloc failed");
--
2.20.1
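Review bot: The new `fatal_f("sshbuf_dup_string failed")` in the second hunk ends the whole process when the banner copy fails, while the calloc failure three lines below still logs with `error_f` inside a braced block, which suggests that branch hands an error back to the caller. Both failures arise while handling the peer's identification string, so the function now treats two equivalent allocation failures differently, and any caller that expects an int result from kex_exchange_identification loses the chance to clean up. A more consistent fix would brace the NULL check, keep `error_f("sshbuf_dup_string failed");`, and leave through the same allocation-failure path as the calloc branch (presumably returning `SSH_ERR_ALLOC_FAIL`; that path is outside the hunk, so confirm it). If terminating is intended, a short comment such as `/* cannot continue: sscanf below would dereference NULL */` would record why this one failure is fatal.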