File libssh2_org-CVE-2019-3856.patch of Package libssh2_org.13039

diff --git a/src/userauth.c b/src/userauth.c
index cdfa25e..3946cf9 100644
--- a/src/userauth.c
+++ b/src/userauth.c
@@ -1734,6 +1734,13 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
             /* int       num-prompts */
             session->userauth_kybd_num_prompts = _libssh2_ntohu32(s);
             s += 4;
+            if(session->userauth_kybd_num_prompts && 
+               session->userauth_kybd_num_prompts > 100) {
+               _libssh2_error(session, LIBSSH2_ERROR_OUT_OF_BOUNDARY,
+                              "Too many replies for "
+                              "keyboard-interactive prompts");
+               goto cleanup;
+            }
 
             if(session->userauth_kybd_num_prompts) {
                 session->userauth_kybd_prompts =