Overview

File libssh2_org-CVE-2019-3863.patch of Package libssh2_org.10556

Index: libssh2-1.8.0/src/userauth.c
===================================================================
--- libssh2-1.8.0.orig/src/userauth.c
+++ libssh2-1.8.0/src/userauth.c
@@ -1831,8 +1831,17 @@ userauth_keyboard_interactive(LIBSSH2_SE
 
             for(i = 0; i < session->userauth_kybd_num_prompts; i++) {
                 /* string    response[1] (ISO-10646 UTF-8) */
-                session->userauth_kybd_packet_len +=
-                    4 + session->userauth_kybd_responses[i].length;
+                 if(session->userauth_kybd_responses[i].length <=
+                   (SIZE_MAX - 4 - session->userauth_kybd_packet_len) ) {
+                    session->userauth_kybd_packet_len +=
+                        4 + session->userauth_kybd_responses[i].length;
+                }
+                else {
+                    _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
+                                   "Unable to allocate memory for keyboard-"
+                                   "interactive response packet");
+                    goto cleanup;
+                }
             }
 
             /* A new userauth_kybd_data area is to be allocated, free the
openSUSE Build Service is sponsored by
Places