Attachment #1367 for bug #1380

Lines 1258-1267 Link Here

(-)readconf.c (-4 lines)
1258	if (fwd->listen_port == 0 && fwd->connect_port == 0)	1258	if (fwd->listen_port == 0 && fwd->connect_port == 0)
1259	goto fail_free;	1259	goto fail_free;
1260		1260
1261	if (fwd->connect_host != NULL &&
1262	strlen(fwd->connect_host) >= NI_MAXHOST)
1263	goto fail_free;
1264
1265	return (i);	1261	return (i);
1266		1262
1267	fail_free:	1263	fail_free:

Lines 2525-2530 Link Here

(-)channels.c (+6 lines)
2525	if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)	2525	if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
2526	fatal("channel_request_remote_forwarding: too many forwards");	2526	fatal("channel_request_remote_forwarding: too many forwards");
2527		2527
		2528	if (listen_host != NULL &&
		2529	strlen(listen_host) > SSH_CHANNEL_PATH_LEN - 1) {
		2530	error("Binding address too long.");
		2531	return 0;
		2532	}
		2533
2528	/* Send the forward request to the remote side. */	2534	/* Send the forward request to the remote side. */
2529	if (compat20) {	2535	if (compat20) {
2530	const char *address_to_bind;	2536	const char *address_to_bind;

Return to bug 1380