1
1
Граф коммитов

2554 Коммитов

Автор SHA1 Сообщение Дата
Aris Adamantiadis
63c3f0e736 Implement key re-exchange 2012-12-23 23:09:50 +01:00
Andreas Schneider
e934ab0816 BUG 82: Fix function names of ssh_forward_*. 2012-12-19 18:15:54 +01:00
Andreas Schneider
9fa53cd932 doc: Fix forward function names. 2012-12-19 18:10:16 +01:00
Andrew Collins
5cd7942801 Fix an invalid strlen comparison in ssh_message_auth_reply_default
During the transition to strncat in ssh_message_auth_reply_default,
an invalid strlen comparison was added which causes the function
to fail whenever it's called.

Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-12-19 16:03:49 +01:00
Andreas Schneider
de9bc1fa41 string: Fix memory leak in ssh_string_to_char().
This was probably a mistake by me fixing up a patch after merging.
2012-12-13 19:29:46 +01:00
Andreas Schneider
b14df297fa BUG 97: Fix strtoull() detection on serveral platforms. 2012-12-03 14:00:06 +01:00
Andreas Schneider
3896aa43ff BUG 96: Guard ntohll() and htonll prototypes correctly. 2012-12-03 13:44:02 +01:00
Andreas Schneider
da8d44ccba BUG 98: Use __attribute__ ((packed)) only with GCC. 2012-12-03 13:19:29 +01:00
Andreas Schneider
c6fc69fbdd BUG 97: Remove obsolete hsterror().
This function is pretty much obsolete on most platforms. The standard
errno should be used. If it is not enough on Windows we should use
WSAGetLastError() in future.
2012-12-03 13:08:17 +01:00
Andreas Schneider
ab8c7de6f8 BUG 94: Fix big endian issue. 2012-12-03 12:35:36 +01:00
Aris Adamantiadis
cd4e28e7c8 test: Try to fetch wrong values in buffer.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-11-27 19:10:41 +01:00
Andreas Schneider
ea0e858de0 priv: Add BURN_BUFFER macro and make sure it isn't optimzed out. 2012-11-23 11:56:21 +01:00
Andreas Schneider
e403596d98 pki: Add a size limit for pubkey files. 2012-11-21 12:44:00 +01:00
Andreas Schneider
571dc42335 CVE-2012-4559: Make sure we don't free name and longname twice on error. 2012-11-14 17:36:24 +01:00
Andreas Schneider
68d04c8e47 CVE-2012-4559: Ensure that we don't free req twice. 2012-11-14 17:36:24 +01:00
Andreas Schneider
bd3acae4f3 CVE-2012-4560: Fix a write one past the end of 'buf'. 2012-11-14 17:36:24 +01:00
Andreas Schneider
894bbf3137 CVE-2012-4560: Fix a write one past the end of the 'u' buffer. 2012-11-14 17:36:24 +01:00
Andreas Schneider
f61813eaea CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
2012-11-14 17:36:22 +01:00
Xi Wang
ad5f306884 CVE-2012-4562: Fix multiple integer overflows in buffer-related functions. 2012-11-14 17:36:19 +01:00
Xi Wang
5ffb8c7cde CVE-2012-4562: Fix possible integer overflows. 2012-11-14 17:36:16 +01:00
Xi Wang
efaebad323 CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().
No exploit known, but it is better to check the string length.
2012-11-14 17:36:11 +01:00
Xi Wang
cab00c3bfc pki: Fix integer overflow in ssh_pki_import_privkey_file().
If the file size is ULONG_MAX, the call to malloc() may allocate a
small buffer, leading to a memory corruption.
2012-10-22 21:00:08 +02:00
Xi Wang
d404ad7152 channels: Fix integer overflow in generate_cookie().
Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is
considered as arithmetic shift by gcc, could be negative, leading
to out-of-bounds read.
2012-10-22 21:00:08 +02:00
Andreas Schneider
a4ffaff550 channels1: Add missing request_state and set it to accepted.
This fixes bug #88.
2012-10-22 18:05:06 +02:00
Andreas Schneider
e164b236c6 auth1: Reset error state to no error.
This fixes bug #89.
2012-10-22 18:01:39 +02:00
Andreas Schneider
166ccef8dc session: Fix a possible use after free in ssh_free().
We need to cleanup the channels first cause we call ssh_channel_close()
on the channels which still require a working socket and poll context.

Thanks to sh4rm4!
2012-10-22 17:37:32 +02:00
Andreas Schneider
f2e498c7db cmake: Set GNU compiler flags also for clang. 2012-10-22 16:05:39 +02:00
Andreas Schneider
dde0404dfb cmake: Add message if we build with static library. 2012-10-15 11:55:42 +02:00
Andreas Schneider
f86b2bf743 doc: Update copyright policy. 2012-10-14 19:58:07 +02:00
Andreas Schneider
13c26f0733 options: Fix documentation of ssh_options_get_port(). 2012-10-14 19:53:51 +02:00
Andreas Schneider
f5d8bdf946 doc: Update doxygen config. 2012-10-14 19:52:28 +02:00
Andreas Schneider
f4f2237263 doc: Use the correct channel functions. 2012-10-14 19:44:02 +02:00
Andreas Schneider
7e93edc722 cmake: Add better check to detect -fvisibility=hidden. 2012-10-14 18:40:05 +02:00
Andreas Schneider
95ab34696b kex: Use getter functions to access kex arrays.
This should fix the build on OpenIndiana.
2012-10-12 17:46:37 +02:00
Andreas Schneider
82711acd39 cmake: Fix building with gcrypt support. 2012-10-12 17:07:20 +02:00
Andreas Schneider
e8118c5be4 tests: Add a valgrind suppression for getaddrino leak.
https://bugzilla.redhat.com/show_bug.cgi?id=859717
2012-10-12 14:45:54 +02:00
Andreas Schneider
a59a379ce4 tests: Add a valgrind suppression for OPENSSL_cleanse(). 2012-10-12 14:45:54 +02:00
Andreas Schneider
0bd2bbefa7 scp: Make sure buffer is initialzed.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
3d390cf6ff pki: Make sure the key_buf is null terminated.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
e04dc45f20 misc: Use a fixed buffer for getenv(). 2012-10-12 14:45:54 +02:00
Andreas Schneider
de34a64895 poll: Fix sizeof in ssh_poll_ctx_resize().
sizeof(ssh_poll_handle *) is to be equal to sizeof(ssh_poll_handle), but
this is not a portable assumption.

Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
46f22576b0 legacy: Use snprintf instead of sprintf.
Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
2f8ddc6e65 dh: Don't use strcat for ssh_get_hexa().
This is just hardening the code.

Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
b1287cd946 server: Use strncat instead of strcat.
This is just hardening the code.

Found by Coverity.
2012-10-12 14:45:54 +02:00
Andreas Schneider
a660177a6e misc: Use strncpy instead of strcat.
This is just hardening the code.

Found by Coverity.
2012-10-12 14:45:36 +02:00
Andreas Schneider
0a4ea19982 pki: Fix a possible null pointer dereference.
Found by Coverity.
2012-10-12 08:07:02 +02:00
Andreas Schneider
0bf2dd81e6 messages: Fix memory leaks in user request callback. 2012-10-12 08:07:02 +02:00
Andreas Schneider
ecb6cfd053 connect: Don't leak the addressinfo on error. 2012-10-12 08:07:02 +02:00
Andreas Schneider
ba220adb84 connect: Don't leak the file descriptor on error.
Found by Coverity.
2012-10-12 08:07:02 +02:00
Andreas Schneider
802e4133cb session: Don't leak memory in ssh_send_debug().
Found by Coverity.
2012-10-12 08:07:02 +02:00