From 93fb65af6139db3dad4d34d6d8bab002a8ea0136 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Wed, 27 Apr 2022 16:33:23 +0100 Subject: [PATCH] Fix translation of legacy registry RSA key format. A user points out that in commit 6143a50ed228fdf, when I converted all use of the registry to functions that return a newly allocated buffer instead of allocating a buffer themselves beforehand, I overlooked that one use of the old idiom was reusing the preallocated buffer as work space. I _hope_ nobody still needs this code - the 'old-style' host key cache format it handles was replaced in 2000. If anyone has a PuTTY host key cache entry that's survived 22 years without either having to be reinitialised on a new system or changed when the machine's host key was upgraded, they're doing better than I am! But if it's still here, it should still work, obviously. Replaced the reused buffer with a strbuf, which is more robust anyway. --- windows/storage.c | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/windows/storage.c b/windows/storage.c index 33b77388..e386213c 100644 --- a/windows/storage.c +++ b/windows/storage.c @@ -294,29 +294,26 @@ int check_stored_host_key(const char *hostname, int port, * doesn't appear anyway in RSA keys) separated by a * comma. All hex digits are lowercase in both formats. */ - char *p = otherstr; - char *q = oldstyle; + strbuf *new = strbuf_new(); + const char *q = oldstyle; int i, j; for (i = 0; i < 2; i++) { int ndigits, nwords; - *p++ = '0'; - *p++ = 'x'; + put_datapl(new, PTRLEN_LITERAL("0x")); ndigits = strcspn(q, "/"); /* find / or end of string */ nwords = ndigits / 4; /* now trim ndigits to remove leading zeros */ while (q[(ndigits - 1) ^ 3] == '0' && ndigits > 1) ndigits--; /* now move digits over to new string */ - for (j = 0; j < ndigits; j++) - p[ndigits - 1 - j] = q[j ^ 3]; - p += ndigits; + for (j = ndigits; j-- > 0 ;) + put_byte(new, q[j ^ 3]); q += nwords * 4; if (*q) { - q++; /* eat the slash */ - *p++ = ','; /* add a comma */ + q++; /* eat the slash */ + put_byte(new, ','); /* add a comma */ } - *p = '\0'; /* terminate the string */ } /* @@ -324,8 +321,9 @@ int check_stored_host_key(const char *hostname, int port, * format. If not, we'll assume something odd went * wrong, and hyper-cautiously do nothing. */ - if (!strcmp(otherstr, key)) - put_reg_sz(rkey, regname->s, otherstr); + if (!strcmp(new->s, key)) + put_reg_sz(rkey, regname->s, new->s); + strbuf_free(new); } sfree(oldstyle);