mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-11 10:40:27 +09:00

Go to file

Jakub Jelen 6d74aa6138 CVE-2026-0967 match: Avoid recursive matching (ReDoS)

The specially crafted patterns (from configuration files) could cause
exhaustive search or timeouts.

Previous attempts to fix this by limiting recursion to depth 16 avoided
stack overflow, but not timeouts. This is due to the backtracking,
which caused the exponential time complexity O(N^16) of existing algorithm.

This is code comes from the same function from OpenSSH, where this code
originates from, which is not having this issue (due to not limiting the number
of recursion), but will also easily exhaust stack due to unbound recursion:

05bcd0cadf

This is an attempt to simplify the algorithm by preventing the backtracking
to previous wildcard, which should keep the same behavior for existing inputs
while reducing the complexity to linear O(N*M).

This fixes the long-term issue we had with fuzzing as well as recently reported
security issue by Kang Yang.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Pavol Žáčik <pzacik@redhat.com>
(cherry picked from commit a411de5ce8)

2026-02-06 09:48:36 +01:00

.gitlab-ci

ci: Add shellcheck

2024-03-22 12:35:07 +01:00

cmake

cmake: Fixed compatibility issues with "CPM.cmake" in combination with the libraries MBedTLS and libgcrypt.

2025-06-23 13:06:11 +02:00

doc

CVE-2025-4878 Initialize pointers where possible

2025-06-24 09:27:52 +02:00

examples

CVE-2025-4878 Initialize pointers where possible

2025-06-24 09:27:52 +02:00

include

socket: do not free poll object if it is locked

2025-08-14 11:02:39 +02:00

src

CVE-2026-0967 match: Avoid recursive matching (ReDoS)

2026-02-06 09:48:36 +01:00

tests

CVE-2026-0967 match: Avoid recursive matching (ReDoS)

2026-02-06 09:48:36 +01:00

.arcconfig

arcconfig: Add missing comma

2017-08-21 09:12:36 +02:00

.clang-format

clang-format: Update config for clang 19

2025-06-23 13:13:31 +02:00

.editorconfig

Fix editorconfig

2022-05-23 10:14:18 +02:00

.gitignore

Generate a tagfile with Doxygen

2024-01-02 16:53:23 +01:00

.gitlab-ci.yml

ci: Use pkcs11-provider on c9s

2026-02-06 09:42:59 +01:00

.gitleaks.toml

Add gitleaks configuration file to avoid false positives

2022-08-08 10:14:53 +02:00

AUTHORS

src: Update my mail address.

2014-01-07 16:08:23 +01:00

BSD

added a file from openssh needed for known host parsing

2008-11-02 23:46:55 +00:00

CHANGELOG

Bump version to 0.11.3

2025-09-09 10:01:48 +02:00

CMakeLists.txt

cmake: Propagate WITH_FINAL to abimap conditionally

2026-02-06 09:44:21 +01:00

CompilerChecks.cmake

cmake: Do not attempt to use -fstack-clash-protection on MacOS M1 chips

2025-06-23 13:14:09 +02:00

config.h.cmake

Conditional compilation of localnetwork matching

2024-08-02 11:20:52 +02:00

ConfigureChecks.cmake

Conditional compilation of localnetwork matching

2024-08-02 11:20:52 +02:00

CONTRIBUTING.md

CONTRIBUTING: Do not indent case labels nor blocks

2023-06-05 15:52:58 +02:00

COPYING

COPYING: Reformat the last paragraph

2018-11-17 20:11:51 +01:00

CPackConfig.cmake

cpack: Make sure to not package .git file

2024-08-19 15:16:33 +02:00

CTestConfig.cmake

cmake: Drop reports via https only.

2015-02-20 15:47:22 +01:00

DefineOptions.cmake

feat: add tests for gssapi-with-mic

2024-07-11 16:44:07 +02:00

INSTALL

INSTALL: Update minimal CMake version to match reality

2024-06-04 12:46:55 +02:00

libssh.pc.cmake

cmake: Fix pkgconfig path relocation in mingw

2022-09-22 12:38:12 +02:00

README

README: Mention CONTRIBUTING not SubmittingPatches

2020-09-29 13:05:34 +02:00

README.mbedtls

pki: Add mbedTLS ECDSA key comparison support

2018-03-07 15:44:05 +01:00

README.md

README: Mention CONTRIBUTING not SubmittingPatches

2020-09-29 13:05:34 +02:00

README.md

  _   _   _                          _
 (_) (_) (_)                        (_)
 (_)  _  (_) _         _  _   _  _  (_) _
 (_) (_) (_)(_) _     (_)(_) (_)(_) (_)(_) _
 (_) (_) (_)   (_)  _ (_)  _ (_)    (_)   (_)
 (_) (_) (_)(_)(_) (_)(_) (_)(_)    (_)   (_).org

 The SSH library

Why?

Why not ? :) I've began to work on my own implementation of the ssh protocol because i didn't like the currently public ones. Not any allowed you to import and use the functions as a powerful library, and so i worked on a library-based SSH implementation which was non-existing in the free and open source software world.

How/Who?

If you downloaded this file, you must know what it is : a library for accessing ssh client services through C libraries calls in a simple manner. Everybody can use this software under the terms of the LGPL - see the COPYING file

If you ask yourself how to compile libssh, please read INSTALL before anything.

Where ?

https://www.libssh.org

Contributing

Please read the file 'CONTRIBUTING.md' next to this README file. It explains our copyright policy and how you should send patches for upstream inclusion.

Have fun and happy libssh hacking!

The libssh Team