mirror of
https://git.libssh.org/projects/libssh.git
synced 2026-02-04 12:20:42 +09:00
CVE-2025-4878 Initialize pointers where possible
This is mostly mechanical change initializing all the pointers I was able to
find with some grep and manual review of sources and examples.
Used the following greps (which yield some false positives though):
git grep " \w* *\* *\w*;$"
git grep " ssh_session \w*;"
git grep " ssh_channel \w*;"
git grep " struct ssh_iterator \*\w*;"
git grep " ssh_bind \w*;"
git grep " ssh_key \w*;"
git grep " ssh_string \w*;"
git grep " ssh_buffer \w*;"
git grep " HMACCTX \w*;"
git grep " SHACTX \w*;"
grep -rinP '^(?!.*=)\s*(?:\w+\s+)*\w+\s*\*\s*\w+\s*;'
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
committed by
Andreas Schneider
Andreas Schneider
parent
5d27f69494
commit
2eb2af4426
@@ -105,7 +105,7 @@ Here is a small example of password authentication:
|
||||
@code
|
||||
int authenticate_password(ssh_session session)
|
||||
{
|
||||
char *password;
|
||||
char *password = NULL;
|
||||
int rc;
|
||||
|
||||
password = getpass("Enter your password: ");
|
||||
@@ -218,7 +218,7 @@ int authenticate_kbdint(ssh_session session)
|
||||
rc = ssh_userauth_kbdint(session, NULL, NULL);
|
||||
while (rc == SSH_AUTH_INFO)
|
||||
{
|
||||
const char *name, *instruction;
|
||||
const char *name = NULL, *instruction = NULL;
|
||||
int nprompts, iprompt;
|
||||
|
||||
name = ssh_userauth_kbdint_getname(session);
|
||||
@@ -231,7 +231,7 @@ int authenticate_kbdint(ssh_session session)
|
||||
printf("%s\n", instruction);
|
||||
for (iprompt = 0; iprompt < nprompts; iprompt++)
|
||||
{
|
||||
const char *prompt;
|
||||
const char *prompt = NULL;
|
||||
char echo;
|
||||
|
||||
prompt = ssh_userauth_kbdint_getprompt(session, iprompt, &echo);
|
||||
@@ -251,7 +251,7 @@ int authenticate_kbdint(ssh_session session)
|
||||
}
|
||||
else
|
||||
{
|
||||
char *ptr;
|
||||
char *ptr = NULL;
|
||||
|
||||
ptr = getpass(prompt);
|
||||
if (ssh_userauth_kbdint_setanswer(session, iprompt, ptr) < 0)
|
||||
@@ -354,7 +354,7 @@ The following example shows how to retrieve and dispose the issue banner:
|
||||
int display_banner(ssh_session session)
|
||||
{
|
||||
int rc;
|
||||
char *banner;
|
||||
char *banner = NULL;
|
||||
|
||||
/*
|
||||
*** Does not work without calling ssh_userauth_none() first ***
|
||||
|
||||
@@ -22,7 +22,7 @@ a SSH session that uses this channel:
|
||||
@code
|
||||
int show_remote_files(ssh_session session)
|
||||
{
|
||||
ssh_channel channel;
|
||||
ssh_channel channel = NULL;
|
||||
int rc;
|
||||
|
||||
channel = ssh_channel_new(session);
|
||||
|
||||
@@ -100,7 +100,7 @@ used to retrieve google's home page from the remote SSH server.
|
||||
@code
|
||||
int direct_forwarding(ssh_session session)
|
||||
{
|
||||
ssh_channel forwarding_channel;
|
||||
ssh_channel forwarding_channel = NULL;
|
||||
int rc = SSH_ERROR;
|
||||
char *http_get = "GET / HTTP/1.1\nHost: www.google.com\n\n";
|
||||
int nbytes, nwritten;
|
||||
@@ -161,7 +161,7 @@ local libssh application, which handles them:
|
||||
int web_server(ssh_session session)
|
||||
{
|
||||
int rc;
|
||||
ssh_channel channel;
|
||||
ssh_channel channel = NULL;
|
||||
char buffer[256];
|
||||
int nbytes, nwritten;
|
||||
int port = 0;
|
||||
|
||||
@@ -79,7 +79,7 @@ Here is a small example of how to use it:
|
||||
|
||||
int main()
|
||||
{
|
||||
ssh_session my_ssh_session;
|
||||
ssh_session my_ssh_session = NULL;
|
||||
int verbosity = SSH_LOG_PROTOCOL;
|
||||
int port = 22;
|
||||
|
||||
@@ -126,7 +126,7 @@ Here's an example:
|
||||
|
||||
int main()
|
||||
{
|
||||
ssh_session my_ssh_session;
|
||||
ssh_session my_ssh_session = NULL;
|
||||
int rc;
|
||||
|
||||
my_ssh_session = ssh_new();
|
||||
@@ -190,8 +190,8 @@ int verify_knownhost(ssh_session session)
|
||||
ssh_key srv_pubkey = NULL;
|
||||
size_t hlen;
|
||||
char buf[10];
|
||||
char *hexa;
|
||||
char *p;
|
||||
char *hexa = NULL;
|
||||
char *p = NULL;
|
||||
int cmp;
|
||||
int rc;
|
||||
|
||||
@@ -317,9 +317,9 @@ The example below shows an authentication with password:
|
||||
|
||||
int main()
|
||||
{
|
||||
ssh_session my_ssh_session;
|
||||
ssh_session my_ssh_session = NULL;
|
||||
int rc;
|
||||
char *password;
|
||||
char *password = NULL;
|
||||
|
||||
// Open session and set options
|
||||
my_ssh_session = ssh_new();
|
||||
@@ -380,7 +380,7 @@ The example below shows how to execute a remote command:
|
||||
@code
|
||||
int show_remote_processes(ssh_session session)
|
||||
{
|
||||
ssh_channel channel;
|
||||
ssh_channel channel = NULL;
|
||||
int rc;
|
||||
char buffer[256];
|
||||
int nbytes;
|
||||
|
||||
@@ -26,7 +26,7 @@ The code sample below achieves these tasks:
|
||||
@code
|
||||
int shell_session(ssh_session session)
|
||||
{
|
||||
ssh_channel channel;
|
||||
ssh_channel channel = NULL;
|
||||
int rc;
|
||||
|
||||
channel = ssh_channel_new(session);
|
||||
|
||||
Reference in New Issue
Block a user