CVE-2026-0965 config: Do not attempt to read non-regular and too large configuration files

Also changes the reading of known_hosts to use the new helper function

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit a5eb30dbfd)
Jakub Jelen
2025-12-11 17:33:19 +01:00
parent 3e1d276a5a
commit bf390a0426
9 changed files with 110 additions and 10 deletions

@@ -83,7 +83,7 @@ static struct ssh_tokens_st *ssh_get_knownhost_line(FILE **file,
struct ssh_tokens_st *tokens = NULL;
if (*file == NULL) {
*file = fopen(filename,"r");
*file = ssh_strict_fopen(filename, SSH_MAX_CONFIG_FILE_SIZE);
if (*file == NULL) {
return NULL;
}
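
Review bot: the unchanged `if (*file == NULL) { return NULL; }` after the new `ssh_strict_fopen(filename, SSH_MAX_CONFIG_FILE_SIZE)` call in ssh_get_knownhost_line gives a known_hosts file that was refused (non-regular or too large, per the commit message) the same result as one that does not exist. Because a skipped known_hosts file changes what host key verification sees, please confirm that the helper logs the reason for the refusal, or add a warning on this path so the two cases can be told apart. The limit passed here is named for configuration files; a short comment saying that the same bound is intended for known_hosts, which can grow large on hosts with many entries, would help, or a dedicated constant if a different bound is wanted.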