File libssh2_org-CVE-2020-22218.patch of Package libssh2_org

Overview Repositories Revisions Requests Users Attributes Meta

File libssh2_org-CVE-2020-22218.patch of Package libssh2_org

From 642eec48ff3adfdb7a9e562b6d7fc865d1733f45 Mon Sep 17 00:00:00 2001
From: lutianxiong <lutianxiong@huawei.com>
Date: Fri, 29 May 2020 01:25:40 +0800
Subject: [PATCH] transport.c: fix use-of-uninitialized-value (#476)

file:transport.c

notes:
return error if malloc(0)

credit:
lutianxiong
---
 src/transport.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

From 0b44e558f311671f6e6d14c559bc1c9bda59b8df Mon Sep 17 00:00:00 2001
From: Will Cosgrove <will@panic.com>
Date: Thu, 28 May 2020 14:20:08 -0700
Subject: [PATCH] transport.c: moving total_num check from #476 (#478)

file: transport.c

notes:
moving total_num zero length check from #476 up to the prior bounds check which already includes a total_num check. Makes it slightly more readable.

credit:
Will Cosgrove
---
 src/transport.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: libssh2-1.4.3/src/transport.c
===================================================================
--- libssh2-1.4.3.orig/src/transport.c
+++ libssh2-1.4.3/src/transport.c
@@ -458,7 +458,7 @@ int _libssh2_transport_read(LIBSSH2_SESS
              * or less (including length, padding length, payload,
              * padding, and MAC.)."
              */
-            if (total_num > LIBSSH2_PACKET_MAXPAYLOAD) {
+            if (total_num > LIBSSH2_PACKET_MAXPAYLOAD || total_num == 0) {
                 return LIBSSH2_ERROR_OUT_OF_BOUNDARY;
             }

Places

File libssh2_org-CVE-2020-22218.patch of Package libssh2_org

Places