===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-agent.c,v
retrieving revision 1.232
retrieving revision 1.233
diff -u -r1.232 -r1.233
--- src/usr.bin/ssh/ssh-agent.c	2018/11/09 02:57:58	1.232
+++ src/usr.bin/ssh/ssh-agent.c	2019/01/22 22:58:50	1.233
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.232 2018/11/09 02:57:58 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.233 2019/01/22 22:58:50 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -81,6 +81,8 @@
 
 /* Maximum accepted message length */
 #define AGENT_MAX_LEN	(256*1024)
+/* Maximum bytes to read from client socket */
+#define AGENT_RBUF_LEN	(4096)
 
 typedef enum {
 	AUTH_UNUSED,
@@ -824,7 +826,7 @@
 static int
 handle_conn_read(u_int socknum)
 {
-	char buf[1024];
+	char buf[AGENT_RBUF_LEN];
 	ssize_t len;
 	int r;
 
@@ -931,6 +933,7 @@
 	struct pollfd *pfd = *pfdp;
 	size_t i, j, npfd = 0;
 	time_t deadline;
+	int r;
 
 	/* Count active sockets */
 	for (i = 0; i < sockets_alloc; i++) {
@@ -968,8 +971,19 @@
 		case AUTH_CONNECTION:
 			pfd[j].fd = sockets[i].fd;
 			pfd[j].revents = 0;
-			/* XXX backoff when input buffer full */
-			pfd[j].events = POLLIN;
+			/*
+			 * Only prepare to read if we can handle a full-size
+			 * input read buffer and enqueue a max size reply..
+			 */
+			if ((r = sshbuf_check_reserve(sockets[i].input,
+			    AGENT_RBUF_LEN)) == 0 &&
+			    (r = sshbuf_check_reserve(sockets[i].output,
+			     AGENT_MAX_LEN)) == 0)
+				pfd[j].events = POLLIN;
+			else if (r != SSH_ERR_NO_BUFFER_SPACE) {
+				fatal("%s: buffer error: %s",
+				    __func__, ssh_err(r));
+			}
 			if (sshbuf_len(sockets[i].output) > 0)
 				pfd[j].events |= POLLOUT;
 			j++;