1
1
Граф коммитов

2731 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
01493b8d47 tests: Don't leak memory. 2013-06-13 15:42:13 +02:00
Andreas Schneider
1a894e2cf2 client: Fix possible NULL pointer dereference. 2013-06-13 11:46:17 +02:00
Andreas Schneider
b8a3e5ffe3 known_hosts: Fix readablity. 2013-06-13 11:08:37 +02:00
Andreas Schneider
09663692dd pki: Use fstat() after opening the file. 2013-06-13 11:04:59 +02:00
Andreas Schneider
a03d8f49fb examples: Fix a use after free in scp example. 2013-06-13 10:55:12 +02:00
Andreas Schneider
abd6b8004e kex: Fix a double free. 2013-06-13 10:51:12 +02:00
Andreas Schneider
e3c5096fcf server: Fix a double free. 2013-06-13 10:48:50 +02:00
Andreas Schneider
51a531f4a7 tests: Check the return value of write. 2013-06-11 09:59:22 +02:00
Andreas Schneider
fcf8af20f8 BUG 103: Fix ProxyCommand parsing. 2013-06-02 19:29:28 +02:00
Andreas Schneider
2d28ee7d22 config: Rename ssh_config_get_str(). 2013-06-02 18:54:16 +02:00
Andreas Schneider
e41482fec4 opts: Fix segfault in option parser. 2013-06-02 18:34:39 +02:00
Andreas Schneider
992f00b145 getpass: Don't fail if stdin is not a tty.
We don't need to manipulate the tty state (such as turning off echo)
when prompting for passwords if we're not reading from a tty.
2013-04-05 14:14:22 +02:00
Andreas Schneider
24e94d53e9 cmake: Fix installation path for some strange platforms. 2013-03-20 09:38:03 +01:00
Andreas Schneider
8455d79bb6 priv: Make really sure memset doesn't get optimzed out. 2013-03-13 15:37:51 +01:00
Aris Adamantiadis
222a0d78ca poll: return error on poll() when pollset is empty 2013-02-26 23:52:25 +01:00
Andreas Schneider
e471aa4e0b cmake: Fix config include dir variable name. 2013-02-13 15:30:23 +01:00
Andreas Schneider
5d6cab4b14 cmake: Add cmake config files for new find_package() mode. 2013-02-12 13:32:34 +01:00
Andreas Schneider
afe4c92bbf cmake: Fix setting -D_FORTIFY_SOURCE=2. 2013-02-07 17:02:51 +01:00
Johannes Krude
186116f34a socket: Call data handler as long as handler takes data.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-01-29 10:56:49 +01:00
Andreas Schneider
b2f52799c2 include: Fix the LGPL header.
This has been reported by rpmlint:
libssh-devel.x86_64: W: incorrect-fsf-address libssh.h
2013-01-23 00:22:46 +01:00
Andreas Schneider
915781381e BUG 99: Fix string function if no build type is set. 2013-01-22 16:28:25 +01:00
Andreas Schneider
21a45e89c5 options: Fix a free crash bug if we parse unknown options.
Thanks to Yong Chuan Koh, X-Force Research <kohyc@sg.ibm.com>
2013-01-22 11:32:47 +01:00
Aris Adamantiadis
de096910b3 Report according status when errors are detected 2012-12-27 22:01:37 +01:00
Aris Adamantiadis
ce33633bcb Test for bug #64, ssh_channel_read doesn't detect errors 2012-12-27 22:01:08 +01:00
Andreas Schneider
fb3f649c76 cmake: Only set -D_FORTIFY_SOURCE=2 if we have optimizations. 2012-12-25 17:35:07 +01:00
Aris Adamantiadis
5dfc474fa8 Benchmarks: parse config files 2012-12-23 23:10:52 +01:00
Aris Adamantiadis
6d61c3ce4a Fix channel_write to wait during key reexchanges 2012-12-23 23:10:29 +01:00
Aris Adamantiadis
63c3f0e736 Implement key re-exchange 2012-12-23 23:09:50 +01:00
Andreas Schneider
e934ab0816 BUG 82: Fix function names of ssh_forward_*. 2012-12-19 18:15:54 +01:00
Andreas Schneider
9fa53cd932 doc: Fix forward function names. 2012-12-19 18:10:16 +01:00
Andrew Collins
5cd7942801 Fix an invalid strlen comparison in ssh_message_auth_reply_default
During the transition to strncat in ssh_message_auth_reply_default,
an invalid strlen comparison was added which causes the function
to fail whenever it's called.

Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-12-19 16:03:49 +01:00
Andreas Schneider
de9bc1fa41 string: Fix memory leak in ssh_string_to_char().
This was probably a mistake by me fixing up a patch after merging.
2012-12-13 19:29:46 +01:00
Andreas Schneider
b14df297fa BUG 97: Fix strtoull() detection on serveral platforms. 2012-12-03 14:00:06 +01:00
Andreas Schneider
3896aa43ff BUG 96: Guard ntohll() and htonll prototypes correctly. 2012-12-03 13:44:02 +01:00
Andreas Schneider
da8d44ccba BUG 98: Use __attribute__ ((packed)) only with GCC. 2012-12-03 13:19:29 +01:00
Andreas Schneider
c6fc69fbdd BUG 97: Remove obsolete hsterror().
This function is pretty much obsolete on most platforms. The standard
errno should be used. If it is not enough on Windows we should use
WSAGetLastError() in future.
2012-12-03 13:08:17 +01:00
Andreas Schneider
ab8c7de6f8 BUG 94: Fix big endian issue. 2012-12-03 12:35:36 +01:00
Aris Adamantiadis
cd4e28e7c8 test: Try to fetch wrong values in buffer.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2012-11-27 19:10:41 +01:00
Andreas Schneider
ea0e858de0 priv: Add BURN_BUFFER macro and make sure it isn't optimzed out. 2012-11-23 11:56:21 +01:00
Andreas Schneider
e403596d98 pki: Add a size limit for pubkey files. 2012-11-21 12:44:00 +01:00
Andreas Schneider
571dc42335 CVE-2012-4559: Make sure we don't free name and longname twice on error. 2012-11-14 17:36:24 +01:00
Andreas Schneider
68d04c8e47 CVE-2012-4559: Ensure that we don't free req twice. 2012-11-14 17:36:24 +01:00
Andreas Schneider
bd3acae4f3 CVE-2012-4560: Fix a write one past the end of 'buf'. 2012-11-14 17:36:24 +01:00
Andreas Schneider
894bbf3137 CVE-2012-4560: Fix a write one past the end of the 'u' buffer. 2012-11-14 17:36:24 +01:00
Andreas Schneider
f61813eaea CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
2012-11-14 17:36:22 +01:00
Xi Wang
ad5f306884 CVE-2012-4562: Fix multiple integer overflows in buffer-related functions. 2012-11-14 17:36:19 +01:00
Xi Wang
5ffb8c7cde CVE-2012-4562: Fix possible integer overflows. 2012-11-14 17:36:16 +01:00
Xi Wang
efaebad323 CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().
No exploit known, but it is better to check the string length.
2012-11-14 17:36:11 +01:00
Xi Wang
cab00c3bfc pki: Fix integer overflow in ssh_pki_import_privkey_file().
If the file size is ULONG_MAX, the call to malloc() may allocate a
small buffer, leading to a memory corruption.
2012-10-22 21:00:08 +02:00
Xi Wang
d404ad7152 channels: Fix integer overflow in generate_cookie().
Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is
considered as arithmetic shift by gcc, could be negative, leading
to out-of-bounds read.
2012-10-22 21:00:08 +02:00