Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.2:Test
libssh
0009-CVE-2012-4559-Make-sure-we-don-t-free-name...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch of Package libssh
Subject: [PATCH 09/13] CVE-2012-4559: Make sure we don't free name and longname twice on error. --- libssh-0.3.4/libssh/sftp.c.orig 2012-12-19 17:31:47.494894578 +0100 +++ libssh-0.3.4/libssh/sftp.c 2012-12-19 17:37:57.723436239 +0100 @@ -950,19 +950,27 @@ /* This isn't really a loop, but it is like a try..catch.. */ do { if (expectname) { - if ((name = buffer_get_ssh_string(buf)) == NULL || - (attr->name = string_to_char(name)) == NULL) { - break; + name = buffer_get_ssh_string(buf); + if (name == NULL) { + break; } + attr->name = string_to_char(name); string_free(name); + if (attr->name == NULL) { + break; + } ssh_log(sftp->session, SSH_LOG_RARE, "Name: %s", attr->name); - if ((longname=buffer_get_ssh_string(buf)) == NULL || - (attr->longname=string_to_char(longname)) == NULL) { - break; + longname = buffer_get_ssh_string(buf); + if (longname == NULL) { + break; } + attr->longname = string_to_char(longname); string_free(longname); + if (attr->longname == NULL) { + break; + } } if (buffer_get_u32(buf, &flags) != sizeof(u32)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor