Upgrade libssh2 to 1.8.2

2025-12-09 14:11:29 +00:00 · 2019-04-04 19:24:13 +00:00
parent 5104307968
commit d8c2a275cf
4 changed files with 26 additions and 43 deletions
--- a/libssh2/RELEASE-NOTES
+++ b/libssh2/RELEASE-NOTES
@@ -1,29 +1,12 @@
-libssh2 1.8.1
+libssh2 1.8.2
 This release includes the following bugfixes:
- o fixed possible integer overflow when reading a specially crafted packet 
+ o Fixed the misapplied userauth patch that broke 1.8.1
-   (https://www.libssh2.org/CVE-2019-3855.html)
+ o moved the MAX size declarations from the public header
 o fixed possible integer overflow in userauth_keyboard_interactive with a 
   number of extremely long prompt strings 
   (https://www.libssh2.org/CVE-2019-3863.html)
 o fixed possible integer overflow if the server sent an extremely large number 
   of keyboard prompts (https://www.libssh2.org/CVE-2019-3856.html)
 o fixed possible out of bounds read when processing a specially crafted packet 
   (https://www.libssh2.org/CVE-2019-3861.html)
 o fixed possible integer overflow when receiving a specially crafted exit 
   signal message channel packet (https://www.libssh2.org/CVE-2019-3857.html)
 o fixed possible out of bounds read when receiving a specially crafted exit 
   status message channel packet (https://www.libssh2.org/CVE-2019-3862.html)
 o fixed possible zero byte allocation when reading a specially crafted SFTP 
   packet (https://www.libssh2.org/CVE-2019-3858.html)
 o fixed possible out of bounds reads when processing specially crafted SFTP 
   packets (https://www.libssh2.org/CVE-2019-3860.html)
 o fixed possible out of bounds reads in _libssh2_packet_require(v) 
   (https://www.libssh2.org/CVE-2019-3859.html)
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
-  Chris Coulson, Michael Buckley, Will Cosgrove, Daniel Stenberg
+  Will Cosgrove
-  (4 contributors)
+  (1 contributors)
--- a/libssh2/include/libssh2.h
+++ b/libssh2/include/libssh2.h
@@ -46,13 +46,13 @@
   to make the BANNER define (used by src/session.c) be a valid SSH
   banner. Release versions have no appended strings and may of course not
   have dashes either. */
-#define LIBSSH2_VERSION "1.8.1"
+#define LIBSSH2_VERSION "1.8.2"
 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBSSH2_VERSION_MAJOR 1
 #define LIBSSH2_VERSION_MINOR 8
-#define LIBSSH2_VERSION_PATCH 1
+#define LIBSSH2_VERSION_PATCH 2
 /* This is the numeric version of the libssh2 version number, meant for easier
   parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will
@@ -69,7 +69,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBSSH2_VERSION_NUM 0x010801
+#define LIBSSH2_VERSION_NUM 0x010802
 /*
 * This is the date and time when the full source package was created. The
@@ -80,7 +80,7 @@
 *
 * "Mon Feb 12 11:35:33 UTC 2007"
 */
-#define LIBSSH2_TIMESTAMP "Mon Mar 18 21:30:25 UTC 2019"
+#define LIBSSH2_TIMESTAMP "Mon Mar 25 19:29:57 UTC 2019"
 #ifndef RC_INVOKED
@@ -145,18 +145,6 @@ typedef int libssh2_socket_t;
 #define LIBSSH2_INVALID_SOCKET -1
 #endif /* WIN32 */
 #ifndef SIZE_MAX
 #if _WIN64
 #define SIZE_MAX 0xFFFFFFFFFFFFFFFF
 #else
 #define SIZE_MAX 0xFFFFFFFF
 #endif
 #endif
 #ifndef UINT_MAX
 #define UINT_MAX 0xFFFFFFFF
 #endif
 /*
 * Determine whether there is small or large file support on windows.
 */
--- a/libssh2/src/libssh2_priv.h
+++ b/libssh2/src/libssh2_priv.h
@@ -146,6 +146,18 @@ static inline int writev(int sock, struct iovec *iov, int nvecs)
 #endif
 #ifndef SIZE_MAX
 #if _WIN64
 #define SIZE_MAX 0xFFFFFFFFFFFFFFFF
 #else
 #define SIZE_MAX 0xFFFFFFFF
 #endif
 #endif
 #ifndef UINT_MAX
 #define UINT_MAX 0xFFFFFFFF
 #endif
 /* RFC4253 section 6.1 Maximum Packet Length says:
 *
 * "All implementations MUST be able to process packets with
--- a/libssh2/src/userauth.c
+++ b/libssh2/src/userauth.c
@@ -107,7 +107,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
        LIBSSH2_FREE(session, session->userauth_list_data);
        session->userauth_list_data = NULL;
-        if (rc || (session->userauth_list_data_len < 1)) {
+        if (rc) {
            _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND,
                           "Unable to send userauth-none request");
            session->userauth_list_state = libssh2_NB_state_idle;
@@ -127,7 +127,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username,
            _libssh2_error(session, LIBSSH2_ERROR_EAGAIN,
                           "Would block requesting userauth list");
            return NULL;
-        } else if (rc) {
+        } else if (rc || (session->userauth_list_data_len < 1)) {
            _libssh2_error(session, rc, "Failed getting response");
            session->userauth_list_state = libssh2_NB_state_idle;
            return NULL;
@@ -1172,7 +1172,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
                                     NULL, 0);
        if (rc == LIBSSH2_ERROR_EAGAIN)
            return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
-        else if (rc || (session->userauth_pblc_data_len < 1)) {
+        else if (rc) {
            LIBSSH2_FREE(session, session->userauth_pblc_packet);
            session->userauth_pblc_packet = NULL;
            LIBSSH2_FREE(session, session->userauth_pblc_method);
@@ -1195,7 +1195,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session,
        if (rc == LIBSSH2_ERROR_EAGAIN) {
            return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block");
        }
-        else if (rc) {
+        else if (rc || (session->userauth_pblc_data_len < 1)) {
            LIBSSH2_FREE(session, session->userauth_pblc_packet);
            session->userauth_pblc_packet = NULL;
            LIBSSH2_FREE(session, session->userauth_pblc_method);