From b61bb3f8ac0422ede7eddaf5c32776379436dcf9 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Wed, 7 Jan 2026 13:44:59 +0100
Subject: [PATCH] connector: Avoid possible underflow ...

... if underlying functions read or write more than expected.

This should never happen, but static analysis tools are inventive.

Thanks coverity!

CID 1548868

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/connector.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/connector.c b/src/connector.c
index bf96dbc9..09351730 100644
--- a/src/connector.c
+++ b/src/connector.c
@@ -330,7 +330,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
         }
 
         r = ssh_connector_fd_read(connector, buffer, toread);
-        if (r < 0) {
+        /* Sanity: Make sure we do not get too large return value to make static
+         * analysis tools happy */
+        if (r < 0 || r > (ssize_t)toread) {
             ssh_connector_except(connector, connector->in_fd);
             return;
         }
@@ -375,7 +377,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
                     w = ssh_connector_fd_write(connector,
                                                buffer + total,
                                                (uint32_t)(r - total));
-                    if (w < 0) {
+                    /* Sanity: Make sure we do not get too large return value
+                     * to make static analysis tools happy */
+                    if (w < 0 || w > (r - total)) {
                         ssh_connector_except(connector, connector->out_fd);
                         return;
                     }