File libssh-CVE-2025-8114.patch of Package libssh.41814

From 53ac23ded4cb2c5463f6c4cd1525331bd578812d Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Wed, 6 Aug 2025 15:17:59 +0200
Subject: [PATCH] CVE-2025-8114: Fix NULL pointer dereference after allocation
 failure

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/dh.c | 4 ++++
 1 file changed, 4 insertions(+)

Index: libssh-0.6.3/src/dh.c
===================================================================
--- libssh-0.6.3.orig/src/dh.c
+++ libssh-0.6.3/src/dh.c
@@ -753,6 +753,8 @@ int make_sessionid(ssh_session session)
   ssh_print_hexa("hash buffer", ssh_buffer_get_begin(buf), ssh_buffer_get_len(buf));
 #endif
 
+  /* Set rc for the following switch statement in case we goto error. */
+  rc = SSH_ERROR;
   switch(session->next_crypto->kex_type){
     case SSH_KEX_DH_GROUP1_SHA1:
     case SSH_KEX_DH_GROUP14_SHA1:
@@ -779,6 +781,7 @@ int make_sessionid(ssh_session session)
           session->next_crypto->secret_hash);
       break;
   }
+
   /* During the first kex, secret hash and session ID are equal. However, after
    * a key re-exchange, a new secret hash is calculated. This hash will not replace
    * but complement existing session id.
@@ -787,6 +790,7 @@ int make_sessionid(ssh_session session)
       session->next_crypto->session_id = malloc(session->next_crypto->digest_len);
       if (session->next_crypto->session_id == NULL){
           ssh_set_error_oom(session);
+          rc = SSH_ERROR;
           goto error;
       }
       memcpy(session->next_crypto->session_id, session->next_crypto->secret_hash,