libssh

mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-05 04:40:31 +09:00

Files

Jakub Jelen 2eb2af4426 CVE-2025-4878 Initialize pointers where possible

This is mostly mechanical change initializing all the pointers I was able to
find with some grep and manual review of sources and examples.

Used the following greps (which yield some false positives though):

    git grep "    \w* *\* *\w*;$"
    git grep " ssh_session \w*;"
    git grep " ssh_channel \w*;"
    git grep " struct ssh_iterator \*\w*;"
    git grep " ssh_bind \w*;"
    git grep " ssh_key \w*;"
    git grep " ssh_string \w*;"
    git grep " ssh_buffer \w*;"
    git grep " HMACCTX \w*;"
    git grep " SHACTX \w*;"
    grep -rinP '^(?!.*=)\s*(?:\w+\s+)*\w+\s*\*\s*\w+\s*;'

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

2025-06-23 15:24:30 +02:00

ABI

API: Bump SO version to 4.10.0

2024-07-31 15:00:24 +02:00

external

kex: Add sntrup761x25519-sha512@openssh.com.

2025-01-21 11:32:49 +01:00

threads

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

agent.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

auth.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

base64.c

CVE-2025-4877 base64: Prevent integer overflow and potential OOB

2025-06-23 13:33:10 +02:00

bignum.c

bignum: Make sure the padding is large enough for the number

2025-01-21 11:32:49 +01:00

bind_config.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

bind.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

buffer.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

callbacks.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

chachapoly.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

channels.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

client.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

CMakeLists.txt

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

config_parser.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

config.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

connect.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

connector.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

crypto_common.c

crypto: Use stdint types and make code more readable of secure_memcmp()

2022-06-20 09:18:59 +02:00

curve25519_crypto.c

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

curve25519_fallback.c

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

curve25519_gcrypt.c

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

curve25519_mbedcrypto.c

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

curve25519.c

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

dh_crypto.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

dh_key.c

Fix various spelling issues reported by codespell

2022-10-12 13:50:38 +02:00

dh-gex.c

dh-gex: Avoid reading the EOF stream

2025-04-16 17:41:22 +02:00

dh.c

CVE-2023-48795: client side mitigation

2023-12-18 17:35:04 +01:00

ecdh_crypto.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

ecdh_gcrypt.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

ecdh_mbedcrypto.c

CVE-2023-48795: client side mitigation

2023-12-18 17:35:04 +01:00

ecdh.c

CVE-2023-48795: client side mitigation

2023-12-18 17:35:04 +01:00

error.c

SSH_LOG_TRACE: Recategorize loglevels

2022-10-07 09:13:19 +02:00

gcrypt_missing.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

getpass.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

getrandom_crypto.c

getrandom_crypto.c: Add function to the documentation

2022-09-29 11:12:55 +02:00

getrandom_gcrypt.c

Build external override library with all symbols

2022-07-19 15:21:50 +02:00

getrandom_mbedcrypto.c

Build external override library with all symbols

2022-07-19 15:21:50 +02:00

gssapi.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

gzip.c

zlib: Move conditional compilation inside of the gzip.c

2025-01-14 14:47:44 +01:00

init.c

Add missing includes for fprintf()

2022-11-23 15:29:29 +01:00

kdf.c

CVE-2023-6918: kdf: Detect context init failures

2023-12-18 17:35:04 +01:00

kex.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

known_hosts.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

knownhosts.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

legacy.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

libcrypto-compat.h

Move old DSA and RSA structs into EVP_PKEY

2022-12-20 10:07:27 +01:00

libcrypto.c

Use Ed25519 in OpenSSL through the EVP_PKEY API

2025-02-27 10:52:17 +01:00

libgcrypt.c

gcrypt: Store random numbers in secure memory

2024-12-03 15:19:51 +01:00

libmbedcrypto.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

libssh.map

Add missing symbol to the map

2025-04-02 10:59:53 +02:00

log.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

match.c

Fix implicit type conversions and warnings on windows builds

2025-01-03 15:18:53 +01:00

mbedcrypto_missing.c

crypto: Add ssh_crypto_free().

2023-08-25 15:13:31 +02:00

mbedcrypto-compat.h

refactor(curve25519): split the single file curve25519.c into multiple files for better readability

2025-05-06 22:03:18 +02:00

md_crypto.c

CVE-2023-6918: Systematically check return values when calculating digests

2023-12-18 17:35:04 +01:00

md_gcrypt.c

CVE-2023-6918: Systematically check return values when calculating digests

2023-12-18 17:35:04 +01:00

md_mbedcrypto.c

CVE-2023-6918: Systematically check return values when calculating digests

2023-12-18 17:35:04 +01:00

messages.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

misc.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

options.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

packet_cb.c

extensions: Host-bound public key authentication

2025-03-18 17:34:04 +02:00

packet_crypt.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

packet.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pcap.c

pcap: Reformat

2023-07-11 17:45:31 +02:00

pki_container_openssh.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki_crypto.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki_ed25519_common.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki_ed25519.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki_gcrypt.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki_mbedcrypto.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

pki.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

poll.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

scp.c

fix: sftp_packet_read stuck in an infinite loop in blocking mode

2024-07-01 13:22:35 +00:00

server.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

session.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

sftp_aio.c

sftp: Avoid dead code and possible overruns

2025-01-13 15:47:43 +01:00

sftp_common.c

sftp: Avoid memory leaks from extended attributes

2025-01-13 15:47:43 +01:00

sftp.c

CVE-2025-5449 sftpserver: Fix possible read behind buffer on 32bit arch

2025-06-23 13:37:06 +02:00

sftpserver.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

sntrup761.c

Use gcrypt implementation of ntruprime

2025-01-21 11:32:49 +01:00

socket.c

Fix implicit type conversions and warnings on windows builds

2025-01-03 15:18:53 +01:00

string.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00

threads.c

threads.c: Remove dot from documentation group definition

2022-10-04 10:35:02 +02:00

token.c

CVE-2023-1667:token: Add missing whitespace

2023-05-04 11:51:17 +02:00

ttyopts.c

ttyopts: Adjust the default TTY modes to be sane

2024-08-29 09:07:25 +02:00

wrapper.c

CVE-2025-4878 Initialize pointers where possible

2025-06-23 15:24:30 +02:00