userauth.c: fread() from public key file to correctly detect any errors

If the filename parameter for file_read_publickey() was the name of a directory instead of a file then libssh2 would spin trying to fgetc() from the FILE * for the opened directory when trying to determine the length of the encoded public key, since fgetc() can't report errors. Use fread() instead to correctly detect this error condition along with many others. This fixes the problem reported in http://www.libssh2.org/mail/libssh2-devel-archive-2012-04/0021.shtml Reported-by: Oleksiy Zagorskyi <zalex_ua@i.ua>
2012-04-18 11:34:13 +02:00 · 2012-04-18 11:34:13 +02:00 · 11f9dce3d7
commit 11f9dce3d7
parent 6bbebcf36c
1 changed files with 1 additions and 1 deletions
--- a/src/userauth.c
+++ b/src/userauth.c
@ -472,7 +472,7 @@ file_read_publickey(LIBSSH2_SESSION * session, unsigned char **method,
        return _libssh2_error(session, LIBSSH2_ERROR_FILE,
                              "Unable to open public key file");
    }
-    while (!feof(fd) && (c = fgetc(fd)) != '\r' && c != '\n')
+    while (!feof(fd) && 1 == fread(&c, 1, 1, fd) && c != '\r' && c != '\n')
        pubkey_len++;
    if (feof(fd)) {
        /* the last character was EOF */