1
1

1781 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg
e16f638dca RELEASE-NOTES: 1.5.0 release 2015-03-11 08:07:45 +01:00
Mariusz Ziulek
7d94b69b80 kex: bail out on rubbish in the incoming packet
CVE-2015-1782

Bug: http://www.libssh2.org/adv_20150311.html
2015-03-07 11:57:04 +01:00
Daniel Stenberg
8bb6cf7f95 docs: move INSTALL, AUTHORS, HACKING and TODO to docs/
And with this, cleanup README to be shorter and mention the new source
code home.
2015-03-07 11:42:14 +01:00
Daniel Stenberg
5fcbb168b8 .gitignore: don't ignore INSTALL 2015-03-07 11:32:08 +01:00
Dan Fandrich
d811750645 examples/x11.c: include sys/select.h for improved portability 2015-03-04 22:57:25 +01:00
Daniel Stenberg
cfe94c715e RELEASE-NOTES: synced with a8473c819bc068
In preparation for the upcoming 1.5.0 release.
2015-03-04 09:38:17 +01:00
Guenter Knauf
a8473c819b NetWare build: added some missing exports. 2015-01-08 21:03:17 +01:00
Marc Hoersken
c71889017f knownhost.c: fix use of uninitialized argument variable wrote
Detected by clang scan in	line 1195, column 18.
2014-12-29 18:37:46 +01:00
Marc Hoersken
253d5922f2 examples/x11.c: fix result of operation is garbage or undefined
Fix use of uninitialized structure w_size_bck.
Detected by clang scan in	line 386, column 28.
2014-12-29 18:31:11 +01:00
Marc Hoersken
79d63df12d examples/x11.c: remove dead assigments of some return values
Detected by clang scan in line 212, column 9.
Detected by clang scan in line 222, column 13.
Detected by clang scan in	line 410, column 13.
2014-12-29 18:24:17 +01:00
Marc Hoersken
86552bf2bb examples/x11.c: fix possible memory leak if read fails
Detected by clang scan in line 224, column 21.
2014-12-27 14:00:48 +01:00
Marc Hoersken
477e609a84 examples/x11.c: fix invalid removal of first list element
Fix use of memory after it was being freed.
Detected by clang scan in line 56, column 12.
2014-12-27 13:48:51 +01:00
Marc Hoersken
3e47ca8a32 userauth.c: make sure that sp_len is positive and avoid overflows
... if the pointer subtraction of sp1 - pubkey - 1 resulted in a
negative or larger value than pubkey_len, memchr would fail.

Reported by Coverity CID 89846.
2014-12-26 14:08:35 +01:00
Marc Hoersken
6af0ee567b channel.c: remove logically dead code, host cannot be NULL here
... host cannot be NULL in line 525, because it is always
valid (e.g. at least set to "0.0.0.0") after lines 430 and 431.

Reported by Coverity CID 89807.
2014-12-26 13:51:27 +01:00
Marc Hoersken
c6d99bd3a4 session.c: check return value of session_nonblock during startup
Reported by Coverity CID 89803.
2014-12-26 13:45:59 +01:00
Marc Hoersken
d1eccb487a session.c: check return value of session_nonblock in debug mode
Reported by Coverity CID 89805.
2014-12-26 13:40:42 +01:00
Marc Hoersken
22204c4e2e pem.c: fix mixed line-endings introduced with 8670f5da24 2014-12-26 13:39:18 +01:00
Marc Hoersken
8670f5da24 pem.c: make sure there's a trailing zero and b64data is not NULL
... if there is no base64 data between PEM header and footer.
Reported by Coverity CID 89823.
2014-12-26 13:31:26 +01:00
Marc Hoersken
3835655f09 kex.c: make sure mlist is not set to NULL
... if the currently unsupported LANG methods are called.
Reported by Coverity CID 89834.
2014-12-26 13:20:14 +01:00
Marc Hoersken
dc199ed03a packet.c: i < 256 was always true and i would overflow to 0
Visualize that the 0-termination is intentional, because the array
is later passed to strlen within _libssh2_packet_askv.
2014-12-26 11:21:10 +01:00
Marc Hoersken
8f799f98d9 silence multiple data conversion warnings 2014-12-26 11:05:34 +01:00
Daniel Stenberg
637c90959b agent_connect_unix: make sure there's a trailing zero
... if the path name was too long. Reported by Coverity CID 89801.
2014-12-23 20:05:16 +01:00
Marc Hoersken
8a731d6217 examples on Windows: use native SOCKET-type instead of int
And check return values accordingly.
2014-12-22 17:03:42 +01:00
Marc Hoersken
d85f9a689f userauth.c: improve readability and clarity of for-loops 2014-12-22 16:18:36 +01:00
Daniel Stenberg
031566f9cc calloc: introduce LIBSSH2_CALLOC()
A simple function using LIBSSH2_ALLOC + memset, since this pattern was
used in multiple places and this simplies code in general.
2014-12-22 15:59:21 +01:00
Marc Hoersken
977a3b6a76 libssh2_priv.h: Ignore session, context and format parameters 2014-12-15 01:16:00 +01:00
Marc Hoersken
34dc1d61b4 x11 example: check return value of socket function 2014-12-15 01:10:29 +01:00
Marc Hoersken
be95032e29 examples: fixed mixed line-endings introduced with aedfba25b8 2014-12-15 01:09:13 +01:00
Marc Hoersken
c0bface8a7 wincng.c: explicitly ignore BCrypt*AlgorithmProvider return codes
Fixes VS2012 code analysis warning C6031:
return value ignored: <function> could return unexpected value
2014-12-15 01:00:52 +01:00
Marc Hoersken
f31c9fb221 wincng.c: fix possible invalid memory write access
Fixes VS2012 code analysis warning C6386:
buffer overrun: accessing 'pbOutput', the writable size is
'cbOutput' bytes, but '3' bytes may be written: libssh2 wincng.c 610
2014-12-15 01:00:48 +01:00
Marc Hoersken
f89bed9571 tests on Windows: check for WSAStartup return code
Fixes VS2012 code analysis warning C6031:
return value ignored: <function> could return unexpected value
2014-12-15 01:00:36 +01:00
Marc Hoersken
bc9d735664 wincng.c: fix possible NULL pointer de-reference of bignum
Fixes VS2012 code analysis warning C6011:
dereferencing NULL pointer 'bignum'. libssh2 wincng.c 1567
2014-12-15 00:59:11 +01:00
Marc Hoersken
06ff22f1a6 wincng.c: fix possible use of uninitialized memory
Fixes VS2012 code analysis warning C6001:
using uninitialized memory 'cbDecoded'. libssh2 wincng.c 553
2014-12-15 00:59:09 +01:00
Marc Hoersken
e57f29f8f6 packet.c: fix possible NULL pointer de-reference within listen_state
Fixes VS2012 code analysis warning C6011:
dereferencing NULL pointer 'listen_state->channel'. libssh2 packet.c 221
2014-12-15 00:59:05 +01:00
Marc Hoersken
1c1699545b kex.c: fix possible NULL pointer de-reference with session->kex
Fixes VS2012 code analysis warning C6011:
dereferencing NULL pointer 'session->kex'. libssh2 kex.c 1761
2014-12-15 00:59:03 +01:00
Marc Hoersken
abcc0d370f agent.c: check return code of MapViewOfFile
Fixes VS2012 code analysis warning C6387: 'p+4' may be '0':
this does not adhere to the specification for the function
'memcpy': libssh2 agent.c 330

Fixes VS2012 code analysis warning C6387: 'p' may be '0':
this does not adhere to the specification for the function
'UnmapViewOfFile': libssh2 agent.c 333
2014-12-15 00:59:00 +01:00
Marc Hoersken
977dbb7511 examples on Windows: check for socket return code
Fixes VS2012 code analysis warning C28193:
The variable holds a value that must be examined
2014-12-15 00:58:57 +01:00
Marc Hoersken
aedfba25b8 examples on Windows: check for WSAStartup return code
Fixes VS2012 code analysis warning C6031:
return value ignored: <function> could return unexpected value
2014-12-15 00:58:56 +01:00
Guenter Knauf
19f1402f1d wincng.c: silent some more gcc compiler warnings. 2014-12-11 21:39:47 +01:00
Guenter Knauf
df5c61dbca wincng.c: silent gcc compiler warnings. 2014-12-11 21:35:18 +01:00
Guenter Knauf
1689315fce Watcom build: added support for WinCNG build. 2014-12-08 02:56:34 +01:00
Guenter Knauf
7f7e65c54b build: updated dependencies in makefiles. 2014-12-07 16:16:21 +01:00
Daniel Stenberg
751e0087a8 configure: change LIBS not LDFLAGS when checking for libs
Closes #289

Patch-by: maurerpe
2014-12-04 22:45:30 +01:00
Guenter Knauf
600f26ce6e MinGW build: some more GNUMakefile tweaks.
test/GNUmakefile: added architecture autodetection; added switches to
CFLAGS and RCFLAGS to make sure that the right architecture is used.
Added support to build with WinCNG.
2014-12-03 16:24:35 +01:00
Guenter Knauf
3260beb07a sftpdir.c: added authentication method detection.
Stuff copied over from ssh2.c to make testing a bit easier.
2014-12-03 15:19:32 +01:00
Guenter Knauf
01a6210ab7 NMake build: fixed LIBS settings. 2014-12-01 13:21:50 +01:00
Guenter Knauf
6a3b5487cb NMake build: added support for WinCNG build. 2014-11-30 18:39:57 +01:00
Guenter Knauf
e4ba5fabec MinGW build: some GNUMakefile tweaks.
Added architecture autodetection; added switches to CFLAGS and
RCFLAGS to make sure that the right architecture is used.
Added support to build with WinCNG.
2014-11-30 16:19:01 +01:00
Guenter Knauf
46f017e751 MinGW build: Fixed redefine warnings. 2014-11-30 16:03:58 +01:00
Guenter Knauf
12adbc28b8 Updated copyright year. 2014-11-30 15:48:55 +01:00