userauth_keyboard_interactive: fix buffer overflow

Partly reverse 566894494b which was simplifying the code far too much and ended up overflowing a buffer within the LIBSSH2_SESSION struct. Back to allocating the buffer properly like it used to do. Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-06/0032.shtml Reported by: Alfred Gebert
2025-10-31 23:30:25 +03:00 · 2011-06-29 21:30:22 +02:00
parent dadc05fdfd
commit 45ffdcfe3c
2 changed files with 15 additions and 6 deletions
--- a/src/libssh2_priv.h
+++ b/src/libssh2_priv.h
@@ -683,7 +683,6 @@ struct _LIBSSH2_SESSION

    /* State variables used in libssh2_userauth_keyboard_interactive_ex() */
    libssh2_nonblocking_states userauth_kybd_state;
-    unsigned char userauth_buf[5];
    unsigned char *userauth_kybd_data;
    size_t userauth_kybd_data_len;
    unsigned char *userauth_kybd_packet;