lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-10 06:23:01 +03:00
Code Activity

Make sure we pass right parameters to buffer_pack

Browse Source 
Fixes: #299

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
This commit is contained in:
Jakub Jelen
2025-04-14 22:17:02 +02:00
parent b14018ecab
commit d00f7b1bf9
5 changed files with 32 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/channels.c
View File

@@ -1622,7 +1622,8 @@ static int channel_write_common(ssh_channel channel,
rc = ssh_buffer_pack(session->out_buffer, rc = ssh_buffer_pack(session->out_buffer,
"dP", "dP",
effectivelen, effectivelen,
(size_t)effectivelen, data); (size_t)effectivelen,
data);
if (rc != SSH_OK) { if (rc != SSH_OK) {
ssh_set_error_oom(session); ssh_set_error_oom(session);
goto error; goto error;
@@ -1998,7 +1999,8 @@ int ssh_channel_request_pty_size_modes(ssh_channel channel, const char *terminal
0, /* pix */ 0, /* pix */
0, /* pix */ 0, /* pix */
(uint32_t)modes_len, (uint32_t)modes_len,
modes_len, modes); (size_t)modes_len,
modes);
if (rc != SSH_OK) { if (rc != SSH_OK) {
ssh_set_error_oom(session); ssh_set_error_oom(session);

12
src/kex.c
View File

@@ -1077,7 +1077,7 @@ int ssh_send_kex(ssh_session session)
rc = ssh_buffer_pack(session->out_buffer, rc = ssh_buffer_pack(session->out_buffer,
"bP", "bP",
SSH2_MSG_KEXINIT, SSH2_MSG_KEXINIT,
16, (size_t)16,
kex->cookie); /* cookie */ kex->cookie); /* cookie */
if (rc != SSH_OK) if (rc != SSH_OK)
goto error; goto error;
@@ -1409,10 +1409,10 @@ int ssh_make_sessionid(ssh_session session)
rc = ssh_buffer_pack(buf, rc = ssh_buffer_pack(buf,
"dPdPS", "dPdPS",
ssh_buffer_get_len(client_hash), ssh_buffer_get_len(client_hash),
ssh_buffer_get_len(client_hash), (size_t)ssh_buffer_get_len(client_hash),
ssh_buffer_get(client_hash), ssh_buffer_get(client_hash),
ssh_buffer_get_len(server_hash), ssh_buffer_get_len(server_hash),
ssh_buffer_get_len(server_hash), (size_t)ssh_buffer_get_len(server_hash),
ssh_buffer_get(server_hash), ssh_buffer_get(server_hash),
server_pubkey_blob); server_pubkey_blob);
SSH_STRING_FREE(server_pubkey_blob); SSH_STRING_FREE(server_pubkey_blob);
@@ -1514,9 +1514,11 @@ int ssh_make_sessionid(ssh_session session)
rc = ssh_buffer_pack(buf, rc = ssh_buffer_pack(buf,
"dPdP", "dPdP",
CURVE25519_PUBKEY_SIZE, CURVE25519_PUBKEY_SIZE,
(size_t)CURVE25519_PUBKEY_SIZE, session->next_crypto->curve25519_client_pubkey, (size_t)CURVE25519_PUBKEY_SIZE,
session->next_crypto->curve25519_client_pubkey,
CURVE25519_PUBKEY_SIZE, CURVE25519_PUBKEY_SIZE,
(size_t)CURVE25519_PUBKEY_SIZE, session->next_crypto->curve25519_server_pubkey); (size_t)CURVE25519_PUBKEY_SIZE,
session->next_crypto->curve25519_server_pubkey);
if (rc != SSH_OK) { if (rc != SSH_OK) {
ssh_set_error(session, ssh_set_error(session,

2
src/messages.c
View File

@@ -786,7 +786,7 @@ static ssh_buffer ssh_msg_userauth_build_digest(ssh_session session,
rc = ssh_buffer_pack(buffer, rc = ssh_buffer_pack(buffer,
"dPbsssbsS", "dPbsssbsS",
crypto->session_id_len, /* session ID string */ (uint32_t)crypto->session_id_len, /* session ID string */
crypto->session_id_len, crypto->session_id_len,
crypto->session_id, crypto->session_id,
SSH2_MSG_USERAUTH_REQUEST, /* type */ SSH2_MSG_USERAUTH_REQUEST, /* type */

15
src/pki.c
View File

@@ -2638,10 +2638,14 @@ int ssh_pki_signature_verify(ssh_session session,
return SSH_ERROR; return SSH_ERROR;
} }
rc = ssh_buffer_pack(sk_buffer, "PbdP", rc = ssh_buffer_pack(sk_buffer,
SHA256_DIGEST_LEN, application_hash, "PbdP",
sig->sk_flags, sig->sk_counter, (size_t)SHA256_DIGEST_LEN,
SHA256_DIGEST_LEN, input_hash); application_hash,
sig->sk_flags,
sig->sk_counter,
(size_t)SHA256_DIGEST_LEN,
input_hash);
if (rc != SSH_OK) { if (rc != SSH_OK) {
SSH_BUFFER_FREE(sk_buffer); SSH_BUFFER_FREE(sk_buffer);
explicit_bzero(input_hash, SHA256_DIGEST_LEN); explicit_bzero(input_hash, SHA256_DIGEST_LEN);
@@ -2735,7 +2739,8 @@ ssh_string ssh_pki_do_sign(ssh_session session,
rc = ssh_buffer_pack(sign_input, rc = ssh_buffer_pack(sign_input,
"SP", "SP",
session_id, session_id,
ssh_buffer_get_len(sigbuf), ssh_buffer_get(sigbuf)); (size_t)ssh_buffer_get_len(sigbuf),
ssh_buffer_get(sigbuf));
if (rc != SSH_OK) { if (rc != SSH_OK) {
goto end; goto end;
} }

17
src/pki_container_openssh.c
View File

@@ -552,7 +552,8 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
"ddPs", "ddPs",
rnd, /* checkint 1 & 2 */ rnd, /* checkint 1 & 2 */
rnd, rnd,
ssh_string_len(blob), ssh_string_data(blob), ssh_string_len(blob),
ssh_string_data(blob),
"" /* comment */); "" /* comment */);
if (rc == SSH_ERROR){ if (rc == SSH_ERROR){
goto error; goto error;
@@ -621,15 +622,17 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
rc = ssh_buffer_pack(buffer, rc = ssh_buffer_pack(buffer,
"PssSdSdP", "PssSdSdP",
(size_t)strlen(OPENSSH_AUTH_MAGIC) + 1, OPENSSH_AUTH_MAGIC, strlen(OPENSSH_AUTH_MAGIC) + 1,
OPENSSH_AUTH_MAGIC,
to_encrypt ? "aes128-cbc" : "none", /* ciphername */ to_encrypt ? "aes128-cbc" : "none", /* ciphername */
to_encrypt ? "bcrypt" : "none", /* kdfname */ to_encrypt ? "bcrypt" : "none", /* kdfname */
kdf_options, /* kdfoptions */ kdf_options, /* kdfoptions */
(uint32_t) 1, /* nkeys */ (uint32_t)1, /* nkeys */
pubkey_s, pubkey_s,
(uint32_t)ssh_buffer_get_len(privkey_buffer), ssh_buffer_get_len(privkey_buffer),
/* rest of buffer is a string */ /* rest of buffer is a string */
(size_t)ssh_buffer_get_len(privkey_buffer), ssh_buffer_get(privkey_buffer)); (size_t)ssh_buffer_get_len(privkey_buffer),
ssh_buffer_get(privkey_buffer));
if (rc != SSH_OK) { if (rc != SSH_OK) {
goto error; goto error;
} }