lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-11-27 13:21:11 +03:00
Code Activity

sftp: Add bound check for size

Browse Source 
CID: #1238630

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Andreas Schneider
2015-05-04 16:46:21 +02:00
parent 33ecff11dd
commit 4b9916136d
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/sftp.c
View File

@@ -33,6 +33,7 @@
#include <stdio.h> #include <stdio.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <limits.h>
#ifndef _WIN32 #ifndef _WIN32
#include <netinet/in.h> #include <netinet/in.h>
@@ -353,7 +354,7 @@ sftp_packet sftp_packet_read(sftp_session sftp) {
buffer_get_u8(packet->payload, &packet->type); buffer_get_u8(packet->payload, &packet->type);
size = ntohl(size); size = ntohl(size);
if (size == 0) { if (size == 0 || size > UINT_MAX) {
return packet; return packet;
} }
size--; size--;