===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/session.c,v
retrieving revision 1.141
retrieving revision 1.142
diff -u -r1.141 -r1.142
--- src/usr.bin/ssh/session.c	2002/06/26 08:58:26	1.141
+++ src/usr.bin/ssh/session.c	2002/06/26 13:49:26	1.142
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.141 2002/06/26 08:58:26 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -781,12 +781,15 @@
 	FILE *f;
 	char buf[4096];
 	char *cp, *value;
+	u_int lineno = 0;
 
 	f = fopen(filename, "r");
 	if (!f)
 		return;
 
 	while (fgets(buf, sizeof(buf), f)) {
+		if (++lineno > 1000)
+			fatal("Too many lines in environment file %s", filename);
 		for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
 			;
 		if (!*cp || *cp == '#' || *cp == '\n')
@@ -795,7 +798,8 @@
 			*strchr(cp, '\n') = '\0';
 		value = strchr(cp, '=');
 		if (value == NULL) {
-			fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
+			fprintf(stderr, "Bad line %u in %.100s\n", lineno,
+			    filename);
 			continue;
 		}
 		/*