string: Made ssh_string_new() to zero-init payload on creation

Additional hardening related to 3ce8bf3289 fix that
switches ssh_string_new() to calloc() so the payload bytes
are zero-initialised. ssh_string is used throughout libssh as a
byte container for wire data and crypto material; the uninitialised
payload is never semantically meaningful, and zeroing it kills the
"forgot to check read_len" class of bugs at the source.

Signed-off-by: David Cermak <d_cermak@centrum.cz>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/829>
This commit is contained in:
David Cermak
2026-05-05 07:14:20 +02:00
committed by Jakub Jelen
parent bc3c8181e1
commit d94a96bf23

@@ -62,13 +62,12 @@ struct ssh_string_struct *ssh_string_new(size_t size)
return NULL;
}
str = malloc(sizeof(struct ssh_string_struct) + size);
str = calloc(1, sizeof(struct ssh_string_struct) + size);
if (str == NULL) {
return NULL;
}
str->size = htonl((uint32_t)size);
str->data[0] = 0;
return str;
}
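
Review bot: The zero-initialisation is now an implicit contract with nothing in the code stating it, at the `calloc(1, sizeof(struct ssh_string_struct) + size)` line. With `str->data[0] = 0;` removed, the function relies entirely on calloc() for a zeroed first byte, so a later change back to malloc() would silently reintroduce uninitialised payload bytes. Consider a one-line comment above the calloc() call saying the zeroing is deliberate hardening, and a unit test asserting that every payload byte of a freshly created string is 0, so the guarantee described in the commit message is enforced rather than incidental.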