Andreas Schneider
01493b8d47
tests: Don't leak memory.
2013-06-13 15:42:13 +02:00
Andreas Schneider
1a894e2cf2
client: Fix possible NULL pointer dereference.
2013-06-13 11:46:17 +02:00
Andreas Schneider
b8a3e5ffe3
known_hosts: Fix readablity.
2013-06-13 11:08:37 +02:00
Andreas Schneider
09663692dd
pki: Use fstat() after opening the file.
2013-06-13 11:04:59 +02:00
Andreas Schneider
a03d8f49fb
examples: Fix a use after free in scp example.
2013-06-13 10:55:12 +02:00
Andreas Schneider
abd6b8004e
kex: Fix a double free.
2013-06-13 10:51:12 +02:00
Andreas Schneider
e3c5096fcf
server: Fix a double free.
2013-06-13 10:48:50 +02:00
Andreas Schneider
51a531f4a7
tests: Check the return value of write.
2013-06-11 09:59:22 +02:00
Andreas Schneider
fcf8af20f8
BUG 103: Fix ProxyCommand parsing.
2013-06-02 19:29:28 +02:00
Andreas Schneider
2d28ee7d22
config: Rename ssh_config_get_str().
2013-06-02 18:54:16 +02:00
Andreas Schneider
e41482fec4
opts: Fix segfault in option parser.
2013-06-02 18:34:39 +02:00
Andreas Schneider
992f00b145
getpass: Don't fail if stdin is not a tty.
...
We don't need to manipulate the tty state (such as turning off echo)
when prompting for passwords if we're not reading from a tty.
2013-04-05 14:14:22 +02:00
Andreas Schneider
24e94d53e9
cmake: Fix installation path for some strange platforms.
2013-03-20 09:38:03 +01:00
Andreas Schneider
8455d79bb6
priv: Make really sure memset doesn't get optimzed out.
2013-03-13 15:37:51 +01:00
Aris Adamantiadis
222a0d78ca
poll: return error on poll() when pollset is empty
2013-02-26 23:52:25 +01:00
Andreas Schneider
e471aa4e0b
cmake: Fix config include dir variable name.
2013-02-13 15:30:23 +01:00
Andreas Schneider
5d6cab4b14
cmake: Add cmake config files for new find_package() mode.
2013-02-12 13:32:34 +01:00
Andreas Schneider
afe4c92bbf
cmake: Fix setting -D_FORTIFY_SOURCE=2.
2013-02-07 17:02:51 +01:00
Johannes Krude
186116f34a
socket: Call data handler as long as handler takes data.
...
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-01-29 10:56:49 +01:00
Andreas Schneider
b2f52799c2
include: Fix the LGPL header.
...
This has been reported by rpmlint:
libssh-devel.x86_64: W: incorrect-fsf-address libssh.h
2013-01-23 00:22:46 +01:00
Andreas Schneider
915781381e
BUG 99: Fix string function if no build type is set.
2013-01-22 16:28:25 +01:00
Andreas Schneider
21a45e89c5
options: Fix a free crash bug if we parse unknown options.
...
Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
2013-01-22 11:32:47 +01:00
Aris Adamantiadis
de096910b3
Report according status when errors are detected
2012-12-27 22:01:37 +01:00
Aris Adamantiadis
ce33633bcb
Test for bug #64 , ssh_channel_read doesn't detect errors
2012-12-27 22:01:08 +01:00
Andreas Schneider
fb3f649c76
cmake: Only set -D_FORTIFY_SOURCE=2 if we have optimizations.
2012-12-25 17:35:07 +01:00
Aris Adamantiadis
5dfc474fa8
Benchmarks: parse config files
2012-12-23 23:10:52 +01:00
Aris Adamantiadis
6d61c3ce4a
Fix channel_write to wait during key reexchanges
2012-12-23 23:10:29 +01:00
Aris Adamantiadis
63c3f0e736
Implement key re-exchange
2012-12-23 23:09:50 +01:00
Andreas Schneider
e934ab0816
BUG 82: Fix function names of ssh_forward_*.
2012-12-19 18:15:54 +01:00
Andreas Schneider
9fa53cd932
doc: Fix forward function names.
2012-12-19 18:10:16 +01:00
Andrew Collins
5cd7942801
Fix an invalid strlen comparison in ssh_message_auth_reply_default
...
During the transition to strncat in ssh_message_auth_reply_default,
an invalid strlen comparison was added which causes the function
to fail whenever it's called.
Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-12-19 16:03:49 +01:00
Andreas Schneider
de9bc1fa41
string: Fix memory leak in ssh_string_to_char().
...
This was probably a mistake by me fixing up a patch after merging.
2012-12-13 19:29:46 +01:00
Andreas Schneider
b14df297fa
BUG 97: Fix strtoull() detection on serveral platforms.
2012-12-03 14:00:06 +01:00
Andreas Schneider
3896aa43ff
BUG 96: Guard ntohll() and htonll prototypes correctly.
2012-12-03 13:44:02 +01:00
Andreas Schneider
da8d44ccba
BUG 98: Use __attribute__ ((packed)) only with GCC.
2012-12-03 13:19:29 +01:00
Andreas Schneider
c6fc69fbdd
BUG 97: Remove obsolete hsterror().
...
This function is pretty much obsolete on most platforms. The standard
errno should be used. If it is not enough on Windows we should use
WSAGetLastError() in future.
2012-12-03 13:08:17 +01:00
Andreas Schneider
ab8c7de6f8
BUG 94: Fix big endian issue.
2012-12-03 12:35:36 +01:00
Aris Adamantiadis
cd4e28e7c8
test: Try to fetch wrong values in buffer.
...
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-11-27 19:10:41 +01:00
Andreas Schneider
ea0e858de0
priv: Add BURN_BUFFER macro and make sure it isn't optimzed out.
2012-11-23 11:56:21 +01:00
Andreas Schneider
e403596d98
pki: Add a size limit for pubkey files.
2012-11-21 12:44:00 +01:00
Andreas Schneider
571dc42335
CVE-2012-4559: Make sure we don't free name and longname twice on error.
2012-11-14 17:36:24 +01:00
Andreas Schneider
68d04c8e47
CVE-2012-4559: Ensure that we don't free req twice.
2012-11-14 17:36:24 +01:00
Andreas Schneider
bd3acae4f3
CVE-2012-4560: Fix a write one past the end of 'buf'.
2012-11-14 17:36:24 +01:00
Andreas Schneider
894bbf3137
CVE-2012-4560: Fix a write one past the end of the 'u' buffer.
2012-11-14 17:36:24 +01:00
Andreas Schneider
f61813eaea
CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().
...
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
2012-11-14 17:36:22 +01:00
Xi Wang
ad5f306884
CVE-2012-4562: Fix multiple integer overflows in buffer-related functions.
2012-11-14 17:36:19 +01:00
Xi Wang
5ffb8c7cde
CVE-2012-4562: Fix possible integer overflows.
2012-11-14 17:36:16 +01:00
Xi Wang
efaebad323
CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().
...
No exploit known, but it is better to check the string length.
2012-11-14 17:36:11 +01:00
Xi Wang
cab00c3bfc
pki: Fix integer overflow in ssh_pki_import_privkey_file().
...
If the file size is ULONG_MAX, the call to malloc() may allocate a
small buffer, leading to a memory corruption.
2012-10-22 21:00:08 +02:00
Xi Wang
d404ad7152
channels: Fix integer overflow in generate_cookie().
...
Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is
considered as arithmetic shift by gcc, could be negative, leading
to out-of-bounds read.
2012-10-22 21:00:08 +02:00