Jakub Jelen f5211239f9 CVE-2021-3634: Create a separate length for session_id ...

Normally, the length of session_id and secret_hash is the same,
but if we will get into rekeying with a peer that changes preference
of key exchange algorithm, the new secret hash can be larger or
smaller than the previous session_id causing invalid reads or writes.

Resolves https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

2021-08-18 14:13:56 +02:00

..

ABI

Bump SO version to 4.8.1

2019-06-14 15:22:56 +02:00

external

Don't allocate ssh_blf_ctx from stack in bcrypt_pbkdf

2021-05-27 13:45:47 +02:00

threads

[winlocks] Include stdlib.h to avoid crash in Windows

2021-03-11 09:02:08 -05:00

agent.c

agent: Avoid 1KB temporary buffer in agent_talk

2021-05-31 21:36:26 +02:00

auth.c

Fix error in documentation

2021-07-06 11:25:32 +02:00

base64.c

base64: Use SSH_BUFFER_FREE()

2019-12-09 16:08:03 +01:00

bignum.c

More consistent logging

2021-08-18 14:13:56 +02:00

bind_config.c

Make the max file line length configurable

2021-06-16 11:56:53 +02:00

bind.c

add moduli file location as an ssh_bind option

2021-06-04 22:27:51 -07:00

buffer.c

Fixes typo in src/buffer.c

2021-05-27 13:45:47 +02:00

callbacks.c

callbacks: Implement list of callbacks for channels

2016-05-02 16:56:54 +02:00

chachapoly.c

chachapoly: Use secure_memcmp() to compare auth tag

2021-01-12 12:54:18 +01:00

channels.c

[#48/T22] Added missing server reply on auth-agent-req when a reply was requested by the client. PuTTY for Windows chokes without this reply if "Allow agent forwarding" is enabled. Reply will be successful if channel_auth_agent_req_function callback is defined. Based on an unmerged patch by Jon Simons.

2021-07-07 14:17:07 +02:00

client.c

Happy new year 2021!

2021-01-01 16:08:30 +01:00

CMakeLists.txt

cmake: Avoid setting compiler flags directly

2021-02-04 18:04:15 +08:00

config_parser.c

config_parser: Allow equal sign as a separator and eat up trailing whitespace

2020-04-20 14:14:33 +02:00

config.c

Make the max file line length configurable

2021-06-16 11:56:53 +02:00

connect.c

Fix error: dereferencing pointer to incomplete type ‘struct timeval’

2021-05-27 13:45:47 +02:00

connector.c

fixed issue with ssh_connector when data has been consumed by a channel callback

2021-07-07 11:05:25 +02:00

crypto_common.c

packet_crypt: Move secure_memcmp() to a shared source

2021-01-12 12:54:18 +01:00

curve25519.c

Add safety checks for all ssh_string_fill calls

2020-12-11 13:32:02 +01:00

dh_crypto.c

kex: Add support for diffie-hellman-group14-sha256

2020-04-06 09:27:26 +02:00

dh_key.c

kex: Add support for diffie-hellman-group14-sha256

2020-04-06 09:27:26 +02:00

dh-gex.c

add moduli file location as an ssh_bind option

2021-06-04 22:27:51 -07:00

dh.c

Clean memory on failure paths

2021-01-12 12:46:25 +01:00

ecdh_crypto.c

ecdh_crypto: Use SSH_STRING_FREE()

2019-12-09 16:08:03 +01:00

ecdh_gcrypt.c

ecdh_gcrypt: Use SSH_STRING_FREE()

2019-12-09 16:08:03 +01:00

ecdh_mbedcrypto.c

ecdh_mbedcrypto: Use SSH_STRING_FREE()

2019-12-09 16:08:03 +01:00

ecdh.c

ecdh: Use SSH_STRING_FREE()

2019-12-09 16:08:03 +01:00

error.c

error: Add ssh_reset_error() function

2018-08-27 11:29:18 +02:00

gcrypt_missing.c

dh: Do some basic refactoring

2019-01-24 11:56:23 +01:00

getpass.c

Fix some compiler warnings

2021-08-12 20:02:25 +02:00

gssapi.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

gzip.c

Make the transfer buffer size configurable

2021-06-16 11:56:44 +02:00

init.c

init: Introduce internal is_ssh_initialized()

2020-04-09 11:25:49 +02:00

kdf.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

kex.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

known_hosts.c

Make the max file line length configurable

2021-06-16 11:56:53 +02:00

knownhosts.c

Make the max file line length configurable

2021-06-16 11:56:53 +02:00

legacy.c

legacy,keys: Fix the macro conditions

2019-12-23 14:45:24 +01:00

libcrypto-compat.c

Remove no longer needed compatibility function

2021-01-11 10:45:22 +01:00

libcrypto-compat.h

Remove compat reset function

2021-01-11 10:45:22 +01:00

libcrypto.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

libgcrypt.c

Add basic support for none cipher and MACs

2020-05-05 14:23:06 +02:00

libmbedcrypto.c

mbedtls: Change the last argument of cipher_[de|en]crypt_cbc to size_t

2021-05-27 13:45:47 +02:00

libssh.map

log: add ssh_vlog to save the stack space

2021-06-10 14:56:29 +02:00

log.c

log: add ssh_vlog to save the stack space

2021-06-10 14:56:29 +02:00

match.c

match: Limit possible recursion when parsing wildcards to a sensible number

2019-12-09 16:08:03 +01:00

mbedcrypto_missing.c

mbedcrypto_missing: Always check return values

2019-12-23 14:31:32 +01:00

messages.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

misc.c

misc: Avoid the 4KB stack buffer in ssh_path_expand_escape

2021-06-16 11:58:06 +02:00

options.c

misc: Avoid the 4KB stack buffer in ssh_bind_options_expand_escape

2021-06-16 11:58:07 +02:00

packet_cb.c

Clean memory on failure paths

2021-01-12 12:46:25 +01:00

packet_crypt.c

packet_crypt: Move secure_memcmp() to a shared source

2021-01-12 12:54:18 +01:00

packet.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

pcap.c

pcap: Use SSH_BUFFER_FREE()

2019-12-09 16:08:03 +01:00

pki_container_openssh.c

pki: Fix possible information leak via uninitialized stack buffer

2019-12-09 16:08:03 +01:00

pki_crypto.c

More consistent logging

2021-08-18 14:13:56 +02:00

pki_ed25519_common.c

Add safety checks for all ssh_string_fill calls

2020-12-11 13:32:02 +01:00

pki_ed25519.c

pki: Move common Ed25519 functions to pki_ed25519_common.c

2019-09-24 16:49:35 +02:00

pki_gcrypt.c

Add safety checks for all ssh_string_fill calls

2020-12-11 13:32:02 +01:00

pki_mbedcrypto.c

More consistent logging

2021-08-18 14:13:56 +02:00

pki.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00

poll.c

ssh_event_dopoll can also return SSH_AGAIN

2019-02-27 08:17:53 +01:00

scp.c

scp: Avoid allocate 8KB stack buffer in ssh_scp_deny_request

2021-06-01 10:48:41 +08:00

server.c

server: Use SSH_STRING_FREE()

2019-12-09 16:08:03 +01:00

session.c

add moduli file location as an ssh_bind option

2021-06-04 22:27:51 -07:00

sftp.c

sftp: Read the data directly into packet->payload

2021-05-27 13:45:47 +02:00

sftpserver.c

sftpserver: Add missing return check for ssh_buffer_add_data()

2020-06-03 10:38:40 +02:00

socket.c

socket: Read the data directly into in_buffer

2021-05-31 21:44:08 +02:00

string.c

string: Don't allow to allocate strings bigger than 256M

2018-09-04 12:29:20 +02:00

threads.c

threads: Automatically call ssh_init on load

2018-08-03 16:43:03 +02:00

token.c

token: Added function to remove duplicates

2019-07-04 10:29:20 +02:00

wrapper.c

CVE-2021-3634: Create a separate length for session_id

2021-08-18 14:13:56 +02:00