shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 12:20:42 +09:00
Code Issues Packages Projects Releases Wiki Activity

connector: Avoid possible underflow ...

Browse Source 
... if underlying functions read or write more than expected.

This should never happen, but static analysis tools are inventive.

Thanks coverity!

CID 1548868

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2026-01-07 13:44:59 +01:00
parent c9abf5ebbb
commit b61bb3f8ac
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/connector.c
View File

@@ -330,7 +330,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
} }
r = ssh_connector_fd_read(connector, buffer, toread); r = ssh_connector_fd_read(connector, buffer, toread);
if (r < 0) { /* Sanity: Make sure we do not get too large return value to make static
* analysis tools happy */
if (r < 0 || r > (ssize_t)toread) {
ssh_connector_except(connector, connector->in_fd); ssh_connector_except(connector, connector->in_fd);
return; return;
} }
@@ -375,7 +377,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
w = ssh_connector_fd_write(connector, w = ssh_connector_fd_write(connector,
buffer + total, buffer + total,
(uint32_t)(r - total)); (uint32_t)(r - total));
if (w < 0) { /* Sanity: Make sure we do not get too large return value
* to make static analysis tools happy */
if (w < 0 || w > (r - total)) {
ssh_connector_except(connector, connector->out_fd); ssh_connector_except(connector, connector->out_fd);
return; return;
} }