From c2993daaf179cfeb6ab1e0df6e644117a76d3db3 Mon Sep 17 00:00:00 2001
From: djm
Date: Tue, 30 Apr 2024 05:53:03 +0000
Subject: [PATCH] stricter validation of messaging socket fd number; disallow usage of stderr. Based on GHPR492 by RealHurrison
---
 usr.bin/ssh/ssh-keysign.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/usr.bin/ssh/ssh-keysign.c b/usr.bin/ssh/ssh-keysign.c
index 97a117ed951..434c7503f7c 100644
--- a/usr.bin/ssh/ssh-keysign.c
+++ b/usr.bin/ssh/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.73 2024/01/11 01:51:16 djm Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.74 2024/04/30 05:53:03 djm Exp $ */
 /*
 * Copyright (c) 2002 Markus Friedl. All rights reserved.
 *
@@ -265,7 +265,7 @@ main(int argc, char **argv)
 __progname, rver, version);
 if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0)
 fatal_r(r, "%s: buffer error", __progname);
- if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO)
+ if (fd <= STDERR_FILENO)
 fatal("%s: bad fd = %d", __progname, fd);
 if ((host = get_local_name(fd)) == NULL)
 fatal("%s: cannot get local name for fd", __progname);
--
2.20.1
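Review bot: The new bound `fd <= STDERR_FILENO` in the second hunk rests on two assumptions that are not written down next to it. The `(u_int *)&fd` cast two lines above stores an unsigned wire value into a signed int, so on the usual two's-complement ABI values above INT_MAX arrive negative and are rejected only by this comparison; the check also assumes the stdio descriptors are exactly 0 through 2. I would add a comment above it such as `/* fd is caller-supplied: reject out-of-range values and stdin/stdout/stderr */`. The hunk has no upper bound or descriptor-type check; presumably `get_local_name()` fails on anything that is not an open socket, but that function is not visible here. main() starts and ends outside the hunk.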