.. to satisfy restricted environment or fuzzers
We are encountering weird issues in the oss-fuzz that the file disappears during
coverage build so I assume some corpus sneaked in, that contains some commands
that end up being executed as part of the coverage run causing it randomly
failing.
The solution I propose is to build fuzzers without ability to call arbitrary
commands on the filesystem (such as `rm -rf /`) as this is not the point the
fuzzers should be testing.
This is controlled by the WITH_EXEC CMake option (enabled by default).
https://github.com/google/oss-fuzz/issues/10136
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
Turns out it indirectly included err.h, which was needed for some other uses in
this file.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
The libgcrypt has a lot of reachable code so allowing it to fail
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The endif preprocessor directive was corresponding to an ifndef _WIN32,
a comment has been added which clarifies that.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This commit also initializes the pointers in match_group() to NULL
in order to follow libssh coding guidelines.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
ssh_match_group() has been moved from misc.c to match.c, because it fits
better with other match_*() functions in match.c
The name of the function has also been changed from "ssh_match_group" to
"match_group" to be consistent with the naming of the other match.c
functions.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This also adds mbedtls in the places where it was missing in documentation.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Previously the call to ssh_handle_packets() would be skipped if the buffer
wasn't empty. This meant that if ssh_channel_poll() was called on a non-blocking
channel with callbacks to handle incoming data, and the buffer already had some
data, the callbacks would never be called.
Signed-off-by: James Wrigley <james@puiterwijk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The datatype of the option value for the option SSH_OPTIONS_CONTROL_MASTER
should be int, this wasn't mentioned in the documentation. This commit
mentions that.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Text has been added to the documentation of ssh_options_set() and
ssh_bind_options_set() which explains what the third argument (value argument)
should be depending on the option value to set.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
For the data type of the third argument <value> corresponding to the
second argument <option type>, the documentation of ssh_options_set()
and ssh_bind_options_set() uses a scheme of (data_type *) in some
places whereas (data_type) in other places. Here data_type is the type
of the value which is to be set (it can be const char *, int, bool,
long, ssh_key etc)
This commit removes this inconsistency and uses the (data_type)
scheme everywhere.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The argument for RSA_MIN_SIZE ssh and sshbind option is of
(int *) type, and hence the caller can supply a pointer to a
location storing a negative value. The commit adds a check to
not allow minimum rsa key size to be set to a negative value.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
%u was being used for printing int type argument which is signed.
This commit changes the format specifier to %d.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
When the callback structure is allocated with malloc, some fields might be
uninitialized and therefore could cause undefined behavior or crashes.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
