===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/misc.c,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- src/usr.bin/ssh/misc.c	2015/10/24 08:34:09	1.99
+++ src/usr.bin/ssh/misc.c	2015/12/04 21:51:06	1.100
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.99 2015/10/24 08:34:09 sthen Exp $ */
+/* $OpenBSD: misc.c,v 1.100 2015/12/04 21:51:06 tobias Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -587,6 +587,8 @@
 		/* %% case */
 		if (*string == '%')
 			goto append;
+		if (*string == '\0')
+			fatal("%s: invalid format", __func__);
 		for (j = 0; j < num_keys; j++) {
 			if (strchr(keys[j].key, *string) != NULL) {
 				i = strlcat(buf, keys[j].repl, sizeof(buf));