Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
libssh2_org.13039
libssh2_org-CVE-2019-3856.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libssh2_org-CVE-2019-3856.patch of Package libssh2_org.13039
diff --git a/src/userauth.c b/src/userauth.c index cdfa25e..3946cf9 100644 --- a/src/userauth.c +++ b/src/userauth.c @@ -1734,6 +1734,13 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session, /* int num-prompts */ session->userauth_kybd_num_prompts = _libssh2_ntohu32(s); s += 4; + if(session->userauth_kybd_num_prompts && + session->userauth_kybd_num_prompts > 100) { + _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY, + "Too many replies for " + "keyboard-interactive prompts"); + goto cleanup; + } if(session->userauth_kybd_num_prompts) { session->userauth_kybd_prompts =
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor