lib/libssh2

mirror of https://github.com/libssh2/libssh2.git synced 2026-01-27 00:18:12 +03:00

Go to file

oss-patch 1ac1ff4438 kex.c: fix possible null pointer dereference in diffie_hellman_sha_algo() (#1508 )

Notes:
PR Description:

Bug Type: Segv on unknown address
Summary: A vulnerability was discovered in the libssh2 program where an invalid memory access occurred due to dereferencing a NULL pointer. The issue was identified in the diffie_hellman_sha_algo function within kex.c.
Fix Summary: The patch resolves the issue by introducing a NULL pointer check for session->hostkey before dereferencing it. If the pointer is NULL, a corresponding error is returned, and the function exits gracefully. This fix ensures the program does not attempt to access invalid memory. The patch improves the security and stability of the program by preventing segmentation faults caused by invalid memory access.

2025-02-28 09:47:47 -08:00

ci/GHA: limit ENABLE_ECDSA_WINCNG option to WinCNG

2025-02-05 12:37:22 +01:00

ossfuzz: fix picky compiler warnings, make it pass checksrc

2025-01-30 23:36:39 +01:00

cmake: make libssh2-config work with all TLS-backends

2025-02-04 00:39:38 +01:00

tidy-up: replace exit() with return

2025-02-13 13:51:49 +01:00

tidy-up: replace exit() with return

2025-02-13 13:51:49 +01:00

build: add support for clang-cl, add CI job

2025-01-31 05:13:18 +01:00

Implement chacha20-poly1305@openssh.com

2024-08-06 10:56:23 +02:00

provide SPDX identifiers

2023-06-07 08:18:55 +02:00

libssh2_base64_decode: add deprecation warning

2025-01-31 02:04:59 +01:00

kex.c: fix possible null pointer dereference in diffie_hellman_sha_algo() (#1508 )

2025-02-28 09:47:47 -08:00

cmake: prefer CMAKE_INSTALL_PREFIX over --prefix (in tests)

2025-02-17 18:43:49 +01:00

checksrc: update, check all sources, fix fallouts

2024-09-28 11:41:52 +02:00

.editorconfig

Update EditorConfig

2019-08-02 16:38:08 -07:00

.gitignore

gitignore: compress rules

2025-01-31 02:00:28 +01:00

acinclude.m4

build: enable -Wcast-qual, fix fallouts

2025-01-31 00:57:26 +01:00

appveyor.yml

build: add support for clang-cl, add CI job

2025-01-31 05:13:18 +01:00

CMakeLists.txt

cmake: extend, not overwrite, CMAKE_REQUIRED_* values

2025-02-05 12:40:40 +01:00

config.rpath

provide SPDX identifiers

2023-06-07 08:18:55 +02:00

configure.ac

build: stop detecting sys/param.h header

2024-07-04 01:59:58 +02:00

COPYING

copyright: remove years from copyright headers

2023-06-04 19:19:16 +00:00

get_ver.awk

provide SPDX identifiers

2023-06-07 08:18:55 +02:00

git2news.pl

provide SPDX identifiers

2023-06-07 08:18:55 +02:00

libssh2-style.el

provide SPDX identifiers

2023-06-07 08:18:55 +02:00

libssh2.pc.in

drop www. from www.libssh2.org

2023-08-18 11:20:58 +00:00

Makefile.am

os400: drop vsprintf() use

2024-10-02 16:04:30 +02:00

maketgz

maketgz: add reproducible dir entries to tarballs

2024-04-09 09:15:12 +00:00

NEWS

NEWS: auto-generated from git

2011-04-04 13:31:33 +02:00

README

drop www. from www.libssh2.org

2023-08-18 11:20:58 +00:00

README.md

drop www. from www.libssh2.org

2023-08-18 11:20:58 +00:00

RELEASE-NOTES

RELEASE-NOTES: 1.11.1

2024-10-16 10:03:11 +02:00

REUSE.toml

ossfuzz: fix picky compiler warnings, make it pass checksrc

2025-01-30 23:36:39 +01:00

README.md

libssh2 - SSH2 library

libssh2 is a library implementing the SSH2 protocol, available under the revised BSD license.

Web site source code

Installation instructions:

Languages

C 84.8%

M4 3.6%

CMake 3.5%

Shell 2.6%

Perl 1.9%

Other 3.3%