ALP-pool/libssh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
libssh/libssh-CVE-2026-0966-misc-Avoid-heap-buffer-underflow-in-ss.patch

30 lines
860 B
Diff
Raw Permalink Blame History

From 6ba5ff1b7b1547a59f750fbc06b89737b7456117 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 8 Jan 2026 12:09:50 +0100
Subject: [PATCH 05/12] CVE-2026-0966 misc: Avoid heap buffer underflow in
ssh_get_hexa
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Pavol Žáčik <pzacik@redhat.com>
(cherry picked from commit 417a095e6749a1f3635e02332061edad3c6a3401)
diff --git a/src/misc.c b/src/misc.c
index 774211fb..08c690b2 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -459,7 +459,7 @@ char *ssh_get_hexa(const unsigned char *what, size_t len)
size_t i;
size_t hlen = len * 3;
- if (len > (UINT_MAX - 1) / 3) {
+ if (what == NULL || len < 1 || len > (UINT_MAX - 1) / 3) {
return NULL;
}
--
2.52.0
Reference in New Issue View Git Blame Copy Permalink