SUSE:SLE-12-SP2:GA
File libssh2_org-CVE-2019-3857.patch of Package libssh2_org.11463
commit 63ee1c6ec984c38013ac4630d7935505ba8c1630 Author: Will Cosgrove <will@panic.com> Date: Mon Mar 4 15:12:26 2019 -0800 fixed integer overflow in userauth_keyboard_interactive Index: include/libssh2.h =================================================================== --- include/libssh2.h.orig +++ include/libssh2.h @@ -71,6 +71,18 @@ */ #define LIBSSH2_VERSION_NUM 0x010403 +#ifndef SIZE_MAX +#if _WIN64 +#define SIZE_MAX 0xFFFFFFFFFFFFFFFF +#else +#define SIZE_MAX 0xFFFFFFFF +#endif +#endif + +#ifndef UINT_MAX +#define UINT_MAX 0xFFFFFFFF +#endif + /* * This is the date and time when the full source package was created. The * timestamp is not stored in the source code repo, as the timestamp is Index: src/packet.c =================================================================== --- src/packet.c.orig +++ src/packet.c @@ -793,8 +793,15 @@ _libssh2_packet_add(LIBSSH2_SESSION * se /* set signal name (without SIG prefix) */ uint32_t namelen = _libssh2_ntohu32(data + 9 + sizeof("exit-signal")); - channelp->exit_signal = - LIBSSH2_ALLOC(session, namelen + 1); + + if(namelen <= UINT_MAX - 1) { + channelp->exit_signal = + LIBSSH2_ALLOC(session, namelen + 1); + } + else { + channelp->exit_signal = NULL; + } + if (!channelp->exit_signal) rc = _libssh2_error(session, LIBSSH2_ERROR_ALLOC, "memory for signal name");
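Review bot: the SIZE_MAX fallback in the include/libssh2.h hunk assumes a 32-bit size_t on every target that is not _WIN64, so a 64-bit non-Windows build that reaches this fallback gets 0xFFFFFFFF. That errs on the safe side for overflow checks but rejects lengths that are valid on such a target; deriving the value from the type, for example `((size_t)-1)`, avoids guessing the width. `#if _WIN64` also tests a macro that may be undefined, and `#if defined(_WIN64)` states the intent. Because the fallbacks are added to include/libssh2.h, every file that includes it sees these SIZE_MAX and UINT_MAX definitions; taking UINT_MAX from <limits.h> and keeping the SIZE_MAX fallback in a header under src/ would keep them out of that header.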
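Review bot: in the src/packet.c hunk, the new else branch sets channelp->exit_signal to NULL and then falls into the existing `if (!channelp->exit_signal)` path, so an oversized namelen sent by the peer is reported as LIBSSH2_ERROR_ALLOC "memory for signal name" although no allocation was attempted. A separate error for a malformed length would let logs distinguish a bad packet from memory exhaustion. The guard also only stops `namelen + 1` from wrapping: the visible lines do not compare namelen with the length of the received packet, so if the code that follows copies namelen bytes out of data, that bound needs a check as well. Since namelen is a uint32_t, comparing it against a 32-bit constant rather than UINT_MAX would keep the check independent of the width of unsigned int.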