From a2cd80040464220feed141336653bbde9593859f Mon Sep 17 00:00:00 2001 From: beck Date: Wed, 25 Jul 2018 13:10:56 +0000 Subject: [PATCH] Use the caller provided (copied) pwent struct in load_public_identity_files instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel ok djm@ deraadt@ --- usr.bin/ssh/ssh.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index ac66a8eaddc..96a68b44375 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.488 2018/07/19 10:28:47 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.489 2018/07/25 13:10:56 beck Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1979,8 +1979,6 @@ load_public_identity_files(struct passwd *pw) free(keys); } #endif /* ENABLE_PKCS11 */ - if ((pw = getpwuid(original_real_uid)) == NULL) - fatal("load_public_identity_files: getpwuid failed"); for (i = 0; i < options.num_identity_files; i++) { if (n_ids >= SSH_MAX_IDENTITY_FILES || strcasecmp(options.identity_files[i], "none") == 0) { -- 2.20.1
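Review bot: in the load_public_identity_files hunk, dropping `if ((pw = getpwuid(original_real_uid)) == NULL)` leaves nothing in the visible lines that verifies the `pw` argument is non-NULL, or that it is a private copy rather than the static buffer getpwuid() returns. The fix is only sound if every caller passes a copied struct, as the commit message states. Consider documenting that contract in a comment above the function: pw must be a caller-owned copy that stays valid across later getpwuid() calls, such as the one the commit message attributes to tilde_expand_filename. If a NULL argument is possible, fail early with fatal() as the removed lines did. It is also worth confirming whether original_real_uid is still used in this function after the removal.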