shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-04 20:30:38 +09:00
Code Issues Packages Projects Releases Wiki Activity

sftpserver: Add missing allocation check that might cause NULL dereference

Browse Source 
Originally reported by Wei Chong Tan <shellcurity at protonmail.com>

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
This commit is contained in:
Jakub Jelen
2023-06-27 14:56:14 +02:00
parent ccc7302fc8
commit fe80f47b0a
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/sftpserver.c
View File

@@ -962,6 +962,12 @@ process_read(sftp_client_message client_msg)
}
buffer = malloc(client_msg->len);
if (buffer == NULL) {
ssh_set_error_oom(sftp->session);
sftp_reply_status(client_msg, SSH_FX_FAILURE, NULL);
SSH_LOG(SSH_LOG_PROTOCOL, "Failed to allocate memory for read data");
return SSH_ERROR;
}
do {
ssize_t readn = read(fd, buffer + allreadn, client_msg->len - allreadn);
if (readn < 0) {