summaryrefslogtreecommitdiffstats
path: root/0009-libssh2-1.8.0-CVE-2019-3863.patch
diff options
context:
space:
mode:
Diffstat (limited to '0009-libssh2-1.8.0-CVE-2019-3863.patch')
-rw-r--r--0009-libssh2-1.8.0-CVE-2019-3863.patch40
1 files changed, 0 insertions, 40 deletions
diff --git a/0009-libssh2-1.8.0-CVE-2019-3863.patch b/0009-libssh2-1.8.0-CVE-2019-3863.patch
deleted file mode 100644
index 77615fd..0000000
--- a/0009-libssh2-1.8.0-CVE-2019-3863.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 9ed3c716b63c77e9b52f71f2dae5464ade6143df Mon Sep 17 00:00:00 2001
-From: Kamil Dudka <kdudka@redhat.com>
-Date: Tue, 19 Mar 2019 13:47:41 +0100
-Subject: [PATCH] Resolves: CVE-2019-3863 - fix integer overflow in user
- authenticate keyboard interactive
-
-... that allows out-of-bounds writes
-
-Upstream-Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3863.patch
----
- src/userauth.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/src/userauth.c b/src/userauth.c
-index 3946cf9..ee924c5 100644
---- a/src/userauth.c
-+++ b/src/userauth.c
-@@ -1808,8 +1808,17 @@ userauth_keyboard_interactive(LIBSSH2_SESSION * session,
-
- for(i = 0; i < session->userauth_kybd_num_prompts; i++) {
- /* string response[1] (ISO-10646 UTF-8) */
-- session->userauth_kybd_packet_len +=
-- 4 + session->userauth_kybd_responses[i].length;
-+ if(session->userauth_kybd_responses[i].length <=
-+ (SIZE_MAX - 4 - session->userauth_kybd_packet_len) ) {
-+ session->userauth_kybd_packet_len +=
-+ 4 + session->userauth_kybd_responses[i].length;
-+ }
-+ else {
-+ _libssh2_error(session, LIBSSH2_ERROR_ALLOC,
-+ "Unable to allocate memory for keyboard-"
-+ "interactive response packet");
-+ goto cleanup;
-+ }
- }
-
- /* A new userauth_kybd_data area is to be allocated, free the
---
-2.17.2
-
generated by cgit (git 2.34.1) at 2024-05-14 15:38:11 +0000