Upstream-Status: Backport Fix for CVE-2014-2532 Backported from openssh-6.6p1.tar.gz Signed-off-by: Chen Qi
---
--- a/session.c
+++ b/session.c
@@ -955,6 +955,11 @@
 u_int envsize;
 u_int i, namelen;
+ if (strchr(name, '=') != NULL) {
+ error("Invalid environment variable \"%.100s\"", name);
+ return;
+ }
+
 /*
 * If we're passed an uninitialized list, allocate a single null
 * entry before continuing.
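Review bot: The new `strchr(name, '=')` guard has no comment saying why an '=' in a variable name must be rejected, and the reference to CVE-2014-2532 lives only in this patch header, which is not carried into session.c. I would add above the `if`: `/* Reject names containing '=': entries are presumably stored as "NAME=value", so such a name would set a different variable than the one that was checked (CVE-2014-2532). */`. The function returns without a status, so the `error()` line is the only trace of a rejected name; keeping that message text stable lets log monitoring key on it. The enclosing function starts and ends outside the hunk, so whether `name` can be NULL or empty when it reaches `strchr` cannot be confirmed from here.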