File libssh2_org-CVE-2019-3861.patch of Package libssh2_org.13039
commit b6525c924313f6127287edc945a3a787f9aff158
Author: Michael Buckley <michael@panic.com>
Date: Tue Dec 4 12:44:26 2018 -0800
Sanitize padding_length - _libssh2_transport_read().
This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent.
Index: src/transport.c
===================================================================
--- src/transport.c.orig
+++ src/transport.c
@@ -438,6 +438,9 @@ int _libssh2_transport_read(LIBSSH2_SESS
return LIBSSH2_ERROR_DECRYPT;
p->padding_length = block[4];
+ if ( p->padding_length > p->packet_length - 1 ) {
+ return LIBSSH2_ERROR_DECRYPT;
+ }
if(p->packet_length < 1) {
return LIBSSH2_ERROR_DECRYPT;
}
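Review bot: The new guard subtracts 1 from packet_length before the existing `if(p->packet_length < 1)` check that follows it, so if packet_length is unsigned (as it appears to be in this struct — confirm in transport.h) a zero value wraps the right-hand side to a very large number and the new check passes; the packet is still rejected by the `< 1` check below, but the added line is only correct because of that ordering. Placing the new block after the `packet_length < 1` check, or writing it without the subtraction — `if(p->padding_length + 1 > p->packet_length) return LIBSSH2_ERROR_DECRYPT;` — keeps the bound safe on its own. The spacing `if ( p->padding_length > p->packet_length - 1 )` also departs from the file's `if(...)` form used two lines below. A short comment on the check, `/* packet_length must cover the padding_length byte plus the padding itself */`, would record which protocol bound is being enforced. _libssh2_transport_read() begins and continues outside this hunk.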