===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/auth2-chall.c,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- src/usr.bin/ssh/auth2-chall.c	2015/07/18 07:57:14	1.43
+++ src/usr.bin/ssh/auth2-chall.c	2016/05/02 08:49:03	1.44
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.44 2016/05/02 08:49:03 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -76,8 +76,8 @@
 			buffer_append(&b, devices[i]->name,
 			    strlen(devices[i]->name));
 		}
-		buffer_append(&b, "\0", 1);
-		kbdintctxt->devices = xstrdup(buffer_ptr(&b));
+		if ((kbdintctxt->devices = sshbuf_dup_string(&b)) == NULL)
+			fatal("%s: sshbuf_dup_string failed", __func__);
 		buffer_free(&b);
 	} else {
 		kbdintctxt->devices = xstrdup(devs);