misc: Fixed a possible data overread and crash bug.

(backported from commit 30e22fed6e)

libssh/client.c

@@ -110,13 +110,15 @@ static int ssh_analyze_banner(ssh_session session, int *ssh1, int *ssh2) {
   const char *banner = session->serverbanner;
   const char *openssh;
 
-  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
+  if (banner == NULL ||
-
+      strlen(banner) <= 4 ||
-  if (strncmp(banner, "SSH-", 4) != 0) {
+      strncmp(banner, "SSH-", 4) != 0) {
     ssh_set_error(session, SSH_FATAL, "Protocol mismatch: %s", banner);
     return -1;
   }
 
+  ssh_log(session, SSH_LOG_RARE, "Analyzing banner: %s", banner);
+
   /*
    * Typical banners e.g. are:
    * SSH-1.5-blah