File CVE-2016-0787.patch of Package libssh2_org

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2016-0787.patch of Package libssh2_org

From 8a453a7b0f1e667b7369eb73b00843a8decdecc9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 11 Feb 2016 13:52:20 +0100
Subject: [PATCH] diffie_hellman_sha256: convert bytes to bits

As otherwise we get far too small numbers.

CVE-2016-0787
---
 src/kex.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: libssh2-1.4.3/src/kex.c
===================================================================
--- libssh2-1.4.3.orig/src/kex.c	2016-02-22 17:28:48.097485068 +0100
+++ libssh2-1.4.3/src/kex.c	2016-02-22 17:28:48.104485180 +0100
@@ -103,7 +103,7 @@ static int diffie_hellman_sha1(LIBSSH2_S
         memset(&exchange_state->req_state, 0, sizeof(packet_require_state_t));
 
         /* Generate x and e */
-        _libssh2_bn_rand(exchange_state->x, group_order, 0, -1);
+        _libssh2_bn_rand(exchange_state->x, group_order * 8 - 1, 0, -1);
         _libssh2_bn_mod_exp(exchange_state->e, g, exchange_state->x, p,
                             exchange_state->ctx);

Places

File CVE-2016-0787.patch of Package libssh2_org

Places