f79ec51b7f
On 32b architecture when processing the SFTP packets, the value 0x7ffffffc in the payload_len will overflow to negative integer values, causing these checks to pass and possibly reading behind the buffer bounds later. This affects only SFTP server implementations running on 32b architecture. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
_ _ _ _
(_) (_) (_) (_)
(_) _ (_) _ _ _ _ _ (_) _
(_) (_) (_)(_) _ (_)(_) (_)(_) (_)(_) _
(_) (_) (_) (_) _ (_) _ (_) (_) (_)
(_) (_) (_)(_)(_) (_)(_) (_)(_) (_) (_).org
The SSH library
Why?
Why not ? :) I've began to work on my own implementation of the ssh protocol because i didn't like the currently public ones. Not any allowed you to import and use the functions as a powerful library, and so i worked on a library-based SSH implementation which was non-existing in the free and open source software world.
How/Who?
If you downloaded this file, you must know what it is : a library for accessing ssh client services through C libraries calls in a simple manner. Everybody can use this software under the terms of the LGPL - see the COPYING file
If you ask yourself how to compile libssh, please read INSTALL before anything.
Where ?
Contributing
Please read the file 'CONTRIBUTING.md' next to this README file. It explains our copyright policy and how you should send patches for upstream inclusion.
Have fun and happy libssh hacking!
The libssh Team