openSUSE:Evergreen:11.2
File 0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch of Package libssh
From 8489521c0d7a9d1336b23a4a64e5df2d0f3ba57a Mon Sep 17 00:00:00 2001 From: Xi Wang <xi.wang@gmail.com> Date: Fri, 25 Nov 2011 23:02:06 -0500 Subject: [PATCH 01/13] CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa(). No exploit known, but it is better to check the string length. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> --- src/dh.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/dh.c b/src/dh.c index ec291d3..9b9d203 100644 --- a/libssh/dh.c +++ b/libssh/dh.c @@ -44,6 +44,7 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <limits.h> #ifndef _WIN32 #include <netinet/in.h> @@ -194,6 +195,9 @@ char *ssh_get_hexa(const unsigned char *what, size_t len) { char *hexa = NULL; size_t i; + if (len > (UINT_MAX - 1) / 3) + return NULL; + hexa = malloc(len * 3 + 1); if (hexa == NULL) { return NULL; -- 1.8.0
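Review bot: The file header of this patch names two different paths: the diffstat and the `diff --git` line refer to src/dh.c, while the `---`/`+++` lines refer to libssh/dh.c. Make them agree with the tree this package actually builds, so the diffstat matches what is applied and so it is clear which dh.c carries the fix.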
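Review bot: In the ssh_get_hexa() hunk, the guard `if (len > (UINT_MAX - 1) / 3)` bounds a size_t with a limit derived from unsigned int, which does not match the type used in `malloc(len * 3 + 1)`. Where size_t is wider than unsigned int the check is safe but rejects lengths that would not overflow, and where size_t is narrower it would not stop the multiplication from wrapping. Consider `(SIZE_MAX - 1) / 3` with <stdint.h> in place of the <limits.h> include from the first hunk. The new early return also yields the same NULL as the malloc failure path just below it, so a short comment stating that NULL can mean "length too large" would help callers.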