upstream commit

fix some -Wpointer-sign warnings in the new mux proxy; ok
markus@

Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd

Author: djmdjm

Diff for: channels.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.354 2016/09/30 09:19:13 markus Exp $ */
+/* $OpenBSD: channels.c,v 1.355 2016/09/30 20:24:46 djm Exp $ */
 /*
  * Author: Tatu Ylonen <[email protected]>
  * Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
@@ -2472,7 +2472,8 @@ channel_proxy_downstream(Channel *downstream)
 	char *ctype = NULL, *listen_host = NULL;
 	u_char type;
 	size_t have;
-	int ret = -1, r, id, remote_id, listen_port, idx;
+	int ret = -1, r, idx;
+	u_int id, remote_id, listen_port;
 
 	/* sshbuf_dump(&downstream->input, stderr); */
 	if ((r = sshbuf_get_string_direct(&downstream->input, &cp, &have))
@@ -2563,14 +2564,19 @@ channel_proxy_downstream(Channel *downstream)
 			error("%s: parse error %s", __func__, ssh_err(r));
 			goto out;
 		}
+		if (listen_port > 65535) {
+			error("%s: tcpip-forward for %s: bad port %u",
+			    __func__, listen_host, listen_port);
+			goto out;
+		}
 		/* Record that connection to this host/port is permitted. */
 		permitted_opens = xreallocarray(permitted_opens,
 		    num_permitted_opens + 1, sizeof(*permitted_opens));
 		idx = num_permitted_opens++;
 		permitted_opens[idx].host_to_connect = xstrdup("<mux>");
 		permitted_opens[idx].port_to_connect = -1;
 		permitted_opens[idx].listen_host = listen_host;
-		permitted_opens[idx].listen_port = listen_port;
+		permitted_opens[idx].listen_port = (int)listen_port;
 		permitted_opens[idx].downstream = downstream;
 		listen_host = NULL;
 		break;