| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | CVE-2012-4560: Fix a write one past the end of 'buf'. | Andreas Schneider | 2012-11-14 | 1 | -2/+3 | |
| | | ||||||
| * | CVE-2012-4560: Fix a write one past the end of the 'u' buffer. | Andreas Schneider | 2012-11-14 | 1 | -1/+1 | |
| | | ||||||
| * | CVE-2012-4562: Fix a possible infinite loop in buffer_reinit(). | Andreas Schneider | 2012-11-14 | 1 | -4/+9 | |
| | | | | | | If needed is bigger than the highest power of two or a which fits in an integer we will loop forever. | |||||
| * | CVE-2012-4562: Fix multiple integer overflows in buffer-related functions. | Xi Wang | 2012-11-14 | 1 | -5/+21 | |
| | | ||||||
| * | CVE-2012-4562: Fix possible integer overflows. | Xi Wang | 2012-11-14 | 1 | -2/+14 | |
| | | ||||||
| * | CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa(). | Xi Wang | 2012-11-14 | 1 | -0/+5 | |
| | | | | | No exploit known, but it is better to check the string length. | |||||
| * | pki: Fix integer overflow in ssh_pki_import_privkey_file(). | Xi Wang | 2012-10-22 | 1 | -0/+5 | |
| | | | | | | If the file size is ULONG_MAX, the call to malloc() may allocate a small buffer, leading to a memory corruption. | |||||
| * | channels: Fix integer overflow in generate_cookie(). | Xi Wang | 2012-10-22 | 1 | -1/+1 | |
| | | | | | | | Since the type of rnd[i] is signed char, (rnd[i] >> 4), which is considered as arithmetic shift by gcc, could be negative, leading to out-of-bounds read. | |||||
| * | channels1: Add missing request_state and set it to accepted. | Andreas Schneider | 2012-10-22 | 1 | -0/+1 | |
| | | | | | This fixes bug #88. | |||||
| * | auth1: Reset error state to no error. | Andreas Schneider | 2012-10-22 | 1 | -0/+1 | |
| | | | | | This fixes bug #89. | |||||
| * | session: Fix a possible use after free in ssh_free(). | Andreas Schneider | 2012-10-22 | 1 | -33/+54 | |
| | | | | | | | | We need to cleanup the channels first cause we call ssh_channel_close() on the channels which still require a working socket and poll context. Thanks to sh4rm4! | |||||
| * | options: Fix documentation of ssh_options_get_port(). | Andreas Schneider | 2012-10-14 | 1 | -1/+1 | |
| | | ||||||
| * | kex: Use getter functions to access kex arrays. | Andreas Schneider | 2012-10-12 | 3 | -7/+23 | |
| | | | | | This should fix the build on OpenIndiana. | |||||
| * | scp: Make sure buffer is initialzed. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 | |
| | | | | | Found by Coverity. | |||||
| * | pki: Make sure the key_buf is null terminated. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | | | | Found by Coverity. | |||||
| * | misc: Use a fixed buffer for getenv(). | Andreas Schneider | 2012-10-12 | 1 | -2/+8 | |
| | | ||||||
| * | poll: Fix sizeof in ssh_poll_ctx_resize(). | Andreas Schneider | 2012-10-12 | 1 | -2/+2 | |
| | | | | | | | | sizeof(ssh_poll_handle *) is to be equal to sizeof(ssh_poll_handle), but this is not a portable assumption. Found by Coverity. | |||||
| * | legacy: Use snprintf instead of sprintf. | Andreas Schneider | 2012-10-12 | 1 | -2/+3 | |
| | | | | | Found by Coverity. | |||||
| * | dh: Don't use strcat for ssh_get_hexa(). | Andreas Schneider | 2012-10-12 | 1 | -9/+8 | |
| | | | | | | | This is just hardening the code. Found by Coverity. | |||||
| * | server: Use strncat instead of strcat. | Andreas Schneider | 2012-10-12 | 1 | -4/+12 | |
| | | | | | | | This is just hardening the code. Found by Coverity. | |||||
| * | misc: Use strncpy instead of strcat. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 | |
| | | | | | | | This is just hardening the code. Found by Coverity. | |||||
| * | pki: Fix a possible null pointer dereference. | Andreas Schneider | 2012-10-12 | 1 | -3/+3 | |
| | | | | | Found by Coverity. | |||||
| * | messages: Fix memory leaks in user request callback. | Andreas Schneider | 2012-10-12 | 1 | -54/+41 | |
| | | ||||||
| * | connect: Don't leak the addressinfo on error. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | ||||||
| * | connect: Don't leak the file descriptor on error. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | | | | Found by Coverity. | |||||
| * | session: Don't leak memory in ssh_send_debug(). | Andreas Schneider | 2012-10-12 | 1 | -4/+4 | |
| | | | | | Found by Coverity. | |||||
| * | channels: Don't leak memory in channel_rcv_request callback. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | | | | Found by Coverity. | |||||
| * | auth: Don't leak memory on error in info request callback. | Andreas Schneider | 2012-10-12 | 1 | -3/+5 | |
| | | | | | Found by Coverity. | |||||
| * | dh: Don't leak 'f' on error. | Andreas Schneider | 2012-10-12 | 1 | -5/+6 | |
| | | | | | Found by Coverity. | |||||
| * | legacy: Don't leak the key struct on error. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | | | | Found by Coverity. | |||||
| * | server: Don't leak memory on calling ssh_string_from_char(). | Andreas Schneider | 2012-10-12 | 1 | -8/+32 | |
| | | | | | | | Also check the return values. Found by Coverity. | |||||
| * | pki: Don't leak the signature on error paths. | Andreas Schneider | 2012-10-12 | 1 | -0/+2 | |
| | | | | | Found by Coverity. | |||||
| * | sftp: Don't leak owner and group in sftp_parse_attr_4. | Andreas Schneider | 2012-10-12 | 1 | -6/+15 | |
| | | ||||||
| * | known_hosts: Don't leak memory in ssh_write_knownhost error paths. | Andreas Schneider | 2012-10-12 | 1 | -0/+8 | |
| | | | | | Found by Coverity. | |||||
| * | agent: Fix some memory leaks in error paths. | Andreas Schneider | 2012-10-12 | 1 | -0/+4 | |
| | | | | | Found by Coverity. | |||||
| * | options: Check return code of ssh_iterator_value. | Andreas Schneider | 2012-10-12 | 1 | -1/+5 | |
| | | | | | Found by Coverity. | |||||
| * | kex: Don't compare an array to null. | Andreas Schneider | 2012-10-12 | 1 | -4/+4 | |
| | | | | | Found by Coverity. | |||||
| * | string: Don't compare an array to null. | Andreas Schneider | 2012-10-12 | 1 | -4/+10 | |
| | | | | | Found by Coverity. | |||||
| * | message: Set correct request type. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 | |
| | | | | | Found by Coverity. | |||||
| * | sftpserver: Add missing break statement. | Andreas Schneider | 2012-10-12 | 1 | -0/+1 | |
| | | | | | Found by Coverity. | |||||
| * | server: Fix for loop to free server methods. | Andreas Schneider | 2012-10-12 | 1 | -1/+1 | |
| | | | | | Found by Coverity. | |||||
| * | client: If session is NULL we can't set an error. | Andreas Schneider | 2012-10-09 | 1 | -1/+0 | |
| | | | | | Found by Coverity. | |||||
| * | match: Don't dereference 's' directly. | Andreas Schneider | 2012-10-09 | 1 | -2/+6 | |
| | | | | | Found by Coverity. | |||||
| * | auth: Make error handling code reachable again. | Andreas Schneider | 2012-10-09 | 1 | -5/+5 | |
| | | | | | Found by Coverity. | |||||
| * | pki: Make error handling code reachable again. | Andreas Schneider | 2012-10-09 | 1 | -1/+1 | |
| | | | | | Found by Coverity. | |||||
| * | socket: Check return value of buffer function. | Andreas Schneider | 2012-10-09 | 1 | -1/+4 | |
| | | | | | Found by Coverity. | |||||
| * | channels: Check return values of buffer functions. | Andreas Schneider | 2012-10-09 | 1 | -2/+9 | |
| | | | | | Found by Coverity. | |||||
| * | scp: Check return value of ssh_channel_poll. | Andreas Schneider | 2012-10-09 | 1 | -1/+5 | |
| | | | | | Found by Coverity. | |||||
| * | packet: Check return values of buffer functions. | Andreas Schneider | 2012-10-09 | 1 | -2/+8 | |
| | | | | | Found by Coverity. | |||||
| * | client: Check return value of ssh_handle_packets_termination. | Andreas Schneider | 2012-10-09 | 1 | -6/+9 | |
| | | | | | Found by Coverity. | |||||
 |
index : libssh.git | |
| libssh testing ground | Simo Sorce |
| summaryrefslogtreecommitdiffstats |