shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-12 11:10:28 +09:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2026-0966 misc: Avoid heap buffer underflow in ssh_get_hexa

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Pavol Žáčik <pzacik@redhat.com>
This commit is contained in:
Jakub Jelen
2026-01-08 12:09:50 +01:00
parent a411de5ce8
commit 417a095e67
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/misc.c
View File

@@ -499,7 +499,7 @@ ssh_get_hexa_internal(const unsigned char *what, size_t len, bool colons)
size_t bytes_per_byte = 2 + (colons ? 1 : 0); size_t bytes_per_byte = 2 + (colons ? 1 : 0);
size_t hlen = len * bytes_per_byte; size_t hlen = len * bytes_per_byte;
if (len > (UINT_MAX - 1) / bytes_per_byte) { if (what == NULL || len < 1 || len > (UINT_MAX - 1) / bytes_per_byte) {
return NULL; return NULL;
} }