Tree - rpms/libssh - CentOS Git server

rpms / libssh

Blame SOURCES/libssh-0.9.4-fix-cve-2020-16135.patch

Blob History Raw

		859a84	`diff -up libssh-0.9.4/src/buffer.c.fix-cve-2020-16135 libssh-0.9.4/src/buffer.c`
		859a84	`--- libssh-0.9.4/src/buffer.c.fix-cve-2020-16135 2021-04-21 10:27:53.562473773 +0200`
		859a84	`+++ libssh-0.9.4/src/buffer.c 2021-04-21 10:29:21.768165663 +0200`
		859a84	`@@ -299,6 +299,10 @@ int ssh_buffer_reinit(struct ssh_buffer_`
		859a84	`*/`
		859a84	`int ssh_buffer_add_data(struct ssh_buffer_struct buffer, const void data, uint32_t len)`
		859a84	`{`
		859a84	`+ if (buffer == NULL) {`
		859a84	`+ return -1;`
		859a84	`+ }`
		859a84	`+`
		859a84	`buffer_verify(buffer);`
		859a84
		859a84	`if (data == NULL) {`
		859a84	`diff -up libssh-0.9.4/src/sftpserver.c.fix-cve-2020-16135 libssh-0.9.4/src/sftpserver.c`
		859a84	`--- libssh-0.9.4/src/sftpserver.c.fix-cve-2020-16135 2021-04-21 10:30:43.864796642 +0200`
		859a84	`+++ libssh-0.9.4/src/sftpserver.c 2021-04-21 10:41:52.166933113 +0200`
		859a84	`@@ -67,9 +67,20 @@ sftp_client_message sftp_get_client_mess`
		859a84
		859a84	`/* take a copy of the whole packet */`
		859a84	`msg->complete_message = ssh_buffer_new();`
		859a84	`- ssh_buffer_add_data(msg->complete_message,`
		859a84	`- ssh_buffer_get(payload),`
		859a84	`- ssh_buffer_get_len(payload));`
		859a84	`+ if (msg->complete_message == NULL) {`
		859a84	`+ ssh_set_error_oom(session);`
		859a84	`+ sftp_client_message_free(msg);`
		859a84	`+ return NULL;`
		859a84	`+ }`
		859a84	`+`
		859a84	`+ rc = ssh_buffer_add_data(msg->complete_message,`
		859a84	`+ ssh_buffer_get(payload),`
		859a84	`+ ssh_buffer_get_len(payload));`
		859a84	`+ if (rc < 0) {`
		859a84	`+ ssh_set_error_oom(session);`
		859a84	`+ sftp_client_message_free(msg);`
		859a84	`+ return NULL;`
		859a84	`+ }`
		859a84
		859a84	`ssh_buffer_get_u32(payload, &msg->id);`
		859a84

rpms / libssh

Source Code

Blame SOURCES/libssh-0.9.4-fix-cve-2020-16135.patch