jonathancammack / rpms / openssh

Forked from rpms/openssh 8 months ago
Clone

Blame SOURCES/openssh-8.0p1-channel-limits.patch

be8127
diff -up openssh-8.0p1/channels.c.channel-limits openssh-8.0p1/channels.c
be8127
--- openssh-8.0p1/channels.c.channel-limits	2021-03-16 12:17:58.905576511 +0100
be8127
+++ openssh-8.0p1/channels.c	2021-03-16 12:17:58.925576667 +0100
be8127
@@ -354,6 +354,7 @@ channel_new(struct ssh *ssh, char *ctype
be8127
 	struct ssh_channels *sc = ssh->chanctxt;
be8127
 	u_int i, found;
be8127
 	Channel *c;
be8127
+	int r;
be8127
 
be8127
 	/* Try to find a free slot where to put the new channel. */
be8127
 	for (i = 0; i < sc->channels_alloc; i++) {
be8127
@@ -383,6 +384,8 @@ channel_new(struct ssh *ssh, char *ctype
be8127
 	    (c->output = sshbuf_new()) == NULL ||
be8127
 	    (c->extended = sshbuf_new()) == NULL)
be8127
 		fatal("%s: sshbuf_new failed", __func__);
be8127
+	if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0)
be8127
+		fatal("%s: sshbuf_set_max_size: %s", __func__, ssh_err(r));
be8127
 	c->ostate = CHAN_OUTPUT_OPEN;
be8127
 	c->istate = CHAN_INPUT_OPEN;
be8127
 	channel_register_fds(ssh, c, rfd, wfd, efd, extusage, nonblock, 0);
be8127
diff -up openssh-8.0p1/channels.h.channel-limits openssh-8.0p1/channels.h
be8127
--- openssh-8.0p1/channels.h.channel-limits	2021-03-16 12:17:58.868576223 +0100
be8127
+++ openssh-8.0p1/channels.h	2021-03-16 12:17:58.907576527 +0100
be8127
@@ -215,6 +215,9 @@ struct Channel {
be8127
 /* Read buffer size */
be8127
 #define CHAN_RBUF	(16*1024)
be8127
 
be8127
+/* Maximum channel input buffer size */
be8127
+#define CHAN_INPUT_MAX	(16*1024*1024)
be8127
+
be8127
 /* Hard limit on number of channels */
be8127
 #define CHANNELS_MAX_CHANNELS	(16*1024)
be8127