import-layers/yocto-poky/meta/recipes-connectivity/openssh/openssh/CVE-2016-1907_2.patch

From f98a09cacff7baad8748c9aa217afd155a4d493f Mon Sep 17 00:00:00 2001
From: "mmcc@openbsd.org" <mmcc@openbsd.org>
Date: Tue, 20 Oct 2015 03:36:35 +0000
Subject: [PATCH] upstream commit

Replace a function-local allocation with stack memory.

ok djm@

Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e
Upstream-Status: Backport
CVE: CVE-2016-1907

[YOCTO #8935]

Signed-off-by: Armin Kuster <akuster@mvista.com>

---
 clientloop.c | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/clientloop.c b/clientloop.c
index 87ceb3d..1e05cba 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */
+/* $OpenBSD: clientloop.c,v 1.276 2015/10/20 03:36:35 mmcc Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -311,11 +311,10 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 	static char proto[512], data[512];
 	FILE *f;
 	int got_data = 0, generated = 0, do_unlink = 0, i;
-	char *xauthdir, *xauthfile;
+	char xauthdir[PATH_MAX] = "", xauthfile[PATH_MAX] = "";
 	struct stat st;
 	u_int now, x11_timeout_real;
 
-	xauthdir = xauthfile = NULL;
 	*_proto = proto;
 	*_data = data;
 	proto[0] = data[0] = '\0';
@@ -343,8 +342,6 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 			display = xdisplay;
 		}
 		if (trusted == 0) {
-			xauthdir = xmalloc(PATH_MAX);
-			xauthfile = xmalloc(PATH_MAX);
 			mktemp_proto(xauthdir, PATH_MAX);
 			/*
 			 * The authentication cookie should briefly outlive
@@ -407,8 +404,6 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 		unlink(xauthfile);
 		rmdir(xauthdir);
 	}
-	free(xauthdir);
-	free(xauthfile);
 
 	/*
 	 * If we didn't get authentication data, just make up some
-- 
1.9.1