shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 02:39:48 +09:00
Code Issues Packages Projects Releases Wiki Activity
6,426 Commits 12 Branches 62 Tags
358553e9765e7873a9d3972dd877dfe415c1dc06
Commit Graph

67 Commits

Author SHA1 Message Date
Jakub Jelen
2eb2af4426 CVE-2025-4878 Initialize pointers where possible 
This is mostly mechanical change initializing all the pointers I was able to
find with some grep and manual review of sources and examples.

Used the following greps (which yield some false positives though):

    git grep "    \w* *\* *\w*;$"
    git grep " ssh_session \w*;"
    git grep " ssh_channel \w*;"
    git grep " struct ssh_iterator \*\w*;"
    git grep " ssh_bind \w*;"
    git grep " ssh_key \w*;"
    git grep " ssh_string \w*;"
    git grep " ssh_buffer \w*;"
    git grep " HMACCTX \w*;"
    git grep " SHACTX \w*;"
    grep -rinP '^(?!.*=)\s*(?:\w+\s+)*\w+\s*\*\s*\w+\s*;'

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 15:24:30 +02:00
Jakub Jelen
d38007c4be CVE-2025-5449 sftpserver: Use constant for return values 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
e322e8f50c CVE-2025-5449 sftpserver: Avoid NULL dereference for invalid handles 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
db7f101d1c CVE-2025-5449 sftpserver: Avoid memory leak when we run out of handles during sftp_open 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
ae8881dfe5 CVE-2025-5318: sftpserver: Fix possible buffer overrun 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-06-23 13:37:06 +02:00
Jakub Jelen
69c169e4cb sftpserver: Free memory on error condition 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <norbertpocs0@gmail.com>
 2025-04-16 17:41:22 +02:00
Eshan Kelkar
a59d587060 sftpserver.c: Add support for O_TRUNC while opening files 
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2025-03-18 18:13:52 +01:00
Jakub Jelen
b7018c17c7 Fix implicit type conversions and warnings on windows builds 
The visual studio windows builds spit dozens of lines of warnings
on these.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2025-01-03 15:18:53 +01:00
Jakub Jelen
d0ecb5388c sftpserver: Do not override the ssh error code 
Fixes: https://gitlab.com/libssh/libssh-mirror/-/issues/275#note_2162076660

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2024-11-12 17:46:38 +01:00
JamesWrigley
629ba3fd34 Fix typo 
Renamed `process_unsupposed` to `process_unsupported`.

Signed-off-by: James Wrigley <james@puiterwijk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-10-21 13:48:14 +02:00
Jakub Jelen
60ec21a5bf sftpserver: Use correct type for lseek return value 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2024-07-18 21:38:14 +02:00
Jakub Jelen
7d82bc377f sftpserver: Add missing return while processing write 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2024-07-18 21:38:00 +02:00
Jakub Jelen
8ed9f5e69b sftpserver: Reuse ssh_{read,write}n 
This removes the code reported by the following coverity issue:

 *** CID 1548867:  Insecure data handling  (INTEGER_OVERFLOW)

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
 2024-07-18 21:37:12 +02:00
Abdelrahman Youssef
21627509f5 support for setstat on server 
Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2024-06-20 12:33:44 +02:00
Jakub Jelen
fe80f47b0a sftpserver: Add missing allocation check that might cause NULL dereference 
Originally reported by Wei Chong Tan <shellcurity at protonmail.com>

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
 2023-07-11 17:45:45 +02:00
Jakub Jelen
62f013ae96 sftpserver: Check return value ssh_buffer_get_u32 
CID 1513157

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
 2023-06-28 10:18:06 +02:00
Jakub Jelen
20dcb8b830 sftpserver: Reformat remaining condition 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
 2023-06-28 10:17:47 +02:00
Jakub Jelen
9709a466d7 sftpserver: Set OOM only if allocation fails 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
 2023-06-28 10:17:25 +02:00
Jakub Jelen
ddfc2e08b9 sftpserver: Initialize pointers 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
 2023-06-28 10:14:15 +02:00
Jakub Jelen
5b2957f0a7 sftpserver: Avoid unreachable code line 
CID 1513155

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-06-22 17:29:39 +02:00
Jakub Jelen
e6d2b6c713 sftpserver: Avoid leaking fd and dir on allocation error 
CID 1513160 and CID 1513159

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
 2023-06-20 15:20:01 +02:00
Jakub Jelen
c024280669 sftp: Clarify the order of arguments for symlink 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
baa18d3712 sftp: Properly check bounds of incoming packet 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
cd54390188 sftpserver: Standardize logging on errors 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
f09b475c4b sftpserver: Properly handle empty files and EOF while reading 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
3fc30681f4 sftpserver: Properly handle mkdir modes 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
2a0d6d854a sftpserver: Properly handle open modes 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
492317efe9 Rename the sftp_process_init_packet() 
... to better describe the function, which is only replying to the client with
our version and extensions.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
1fe98800d2 sftpserver: Implement stat and realpath 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
7427090a9f sftpserver: Improve logging 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
ff897165ca Reformat most of the sftpserver.c 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
d0bfab2549 sftpserver: Fix reading and writing if buffering occurs 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
691105e93b Remove needless new symbols and add required to API 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
5ea54c8159 sftpserver: Move duplicate code handling SFTP operations to library 
These can be replaced by user-provided functions when needed.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
Jakub Jelen
0affa5d705 sftp: Remove duplicate code handling packet types 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
tatataeki
8104c19013 sftp: fix problems in sftp APIs and example 
Signed-off-by: tatataeki <shengzeyu19_98@163.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
tatataeki
0a5161a7d1 sftp: fix format problems, style nit and building problems 
Signed-off-by: tatataeki <shengzeyu19_98@163.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
tatataeki
69ad6985de sftp: format modified 
Signed-off-by: tatataeki <shengzeyu19_98@163.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
tatataeki
48d14ee9a9 examples: add sftpserver example and fix problems 
Signed-off-by: tatataeki <shengzeyu19_98@163.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:31 +02:00
tatataeki
f8bfb5a7a1 sftp: add sftp api for sftpserver 
Signed-off-by: tatataeki <shengzeyu19_98@163.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-06-06 10:54:30 +02:00
Andreas Schneider
2782cb0495 sftpserver: Add missing return check for ssh_buffer_add_data() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-06-03 10:38:40 +02:00
Andreas Schneider
533d881b0f sftpserver: Add missing NULL check for ssh_buffer_new() 
Thanks to Ramin Farajpour Cami for spotting this.

Fixes T232

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2020-06-03 10:38:34 +02:00
Andreas Schneider
88a3dd86f1 packet_cb: Use SSH_BUFFER_FREE() 
Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-09 16:08:03 +01:00
Andreas Schneider
449c0d66cc sftpserver: Use SSH_STRING_FREE() 
Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-09 16:08:03 +01:00
Andreas Schneider
b18acbdc7e sftpserver: Fix integer type in sftp_reply_data() 
Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-09 16:08:03 +01:00
Andreas Schneider
db4345fb36 sftp: Remove internal function from sftp.h 
Those are not marked as LIBSSH_API so not part of the public API and the
symbols aren't exported!

Fixes T188

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
 2019-12-09 16:08:03 +01:00
Alberto Aguirre
14f5624ff5 sftpserver: allocate packet on sftp_server_new 
Ensure sftp_server_new allocates the packet and payload as
sftp_packet_read now expects the packet and payload to be
pre-allocated.

Similarly, ensure sftp_get_client_message does not free the packet.

Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-25 16:41:54 +02:00
Chris Townsend
6c56c1e0d7 sftpserver: Support some openssh extensions 
Add support for "hardlink@openssh.com" and
"posix-rename@openssh.com" extensions.

Signed-off-by: Chris Townsend <christopher.townsend@canonical.com>
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
 2018-09-20 16:35:13 +02:00
Andreas Schneider
c563ed636a Remove vim modelines from all files 
If you want modelines use my vim plugin:
https://github.com/cryptomilk/git-modeline.vim

git config --add vim.modeline "ts=4 sw=4 et"

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-06-28 08:41:08 +02:00
Andreas Schneider
78ce67f579 sftpserver: Use calloc() instead of malloc() 
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2018-01-18 18:54:18 +01:00