File openssh-6.6p1-kex_resource_depletion.patch of Package openssh.10219

# HG changeset patch
# Parent  53382674798009ab480d8d9dd2466ceafbafa2a9
Prevent memory depletion during key exchange

CVE-2016-8858
bsc#1005480

backport of upstream commit ec165c392ca54317dbe3064a8c200de6531e89ad

diff --git a/openssh-6.6p1/kex.c b/openssh-6.6p1/kex.c
--- a/openssh-6.6p1/kex.c
+++ b/openssh-6.6p1/kex.c
@@ -342,16 +342,17 @@ kex_input_kexinit(int type, u_int32_t se
 	char *ptr;
 	u_int i, dlen;
 	Kex *kex = (Kex *)ctxt;
 
 	debug("SSH2_MSG_KEXINIT received");
 	if (kex == NULL)
 		fatal("kex_input_kexinit: no kex, cannot rekey");
 
+	dispatch_set(SSH2_MSG_KEXINIT, NULL);
 	ptr = packet_get_raw(&dlen);
 	buffer_append(&kex->peer, ptr, dlen);
 
 	/* discard packet */
 	for (i = 0; i < KEX_COOKIE_LEN; i++)
 		packet_get_char();
 	for (i = 0; i < PROPOSAL_MAX; i++)
 		free(packet_get_string(NULL));
openSUSE Build Service is sponsored by