CVE-2025-5449 sftpserver: Use constant for return values

Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-04 12:20:42 +09:00 · 2025-04-23 13:42:13 +02:00
parent f79ec51b7f
commit 5504ff4051
1 changed files with 3 additions and 3 deletions
--- a/src/sftpserver.c
+++ b/src/sftpserver.c
@@ -1829,13 +1829,13 @@ sftp_channel_default_data_callback(UNUSED_PARAM(ssh_session session),

    if (sftpp == NULL) {
        SSH_LOG(SSH_LOG_WARNING, "NULL userdata passed to callback");
-        return -1;
+        return SSH_ERROR;
    }
    sftp = *sftpp;

    decode_len = sftp_decode_channel_data_to_packet(sftp, data, len);
-    if (decode_len == -1)
-        return -1;
+    if (decode_len == SSH_ERROR)
+        return SSH_ERROR;

    msg = sftp_get_client_message_from_packet(sftp);
    rc = process_client_message(msg);