Blame SOURCES/0016-libssh2-1.8.0-CVE-2020-22218.patch

65dec4
diff -up libssh2-1.8.0/src/transport.c.diff libssh2-1.8.0/src/transport.c
65dec4
--- libssh2-1.8.0/src/transport.c.diff	2023-09-20 12:21:55.121219631 -0400
65dec4
+++ libssh2-1.8.0/src/transport.c	2023-09-20 12:24:26.694051411 -0400
65dec4
@@ -460,7 +460,7 @@ int _libssh2_transport_read(LIBSSH2_SESS
65dec4
              * or less (including length, padding length, payload,
65dec4
              * padding, and MAC.)."
65dec4
              */
65dec4
-            if (total_num > LIBSSH2_PACKET_MAXPAYLOAD) {
65dec4
+            if (total_num > LIBSSH2_PACKET_MAXPAYLOAD || total_num == 0) {
65dec4
                 return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
65dec4
             }
65dec4