mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2026-05-08 13:56:40 +02:00
42 lines
1.2 KiB
Diff
42 lines
1.2 KiB
Diff
From 0a9268a60f2d3748ca69bde5651f20e72761058c Mon Sep 17 00:00:00 2001
|
|
From: Andreas Schneider <asn@cryptomilk.org>
|
|
Date: Wed, 3 Jun 2020 10:04:09 +0200
|
|
Subject: CVE-2020-16135: Add missing NULL check for ssh_buffer_new()
|
|
|
|
Add a missing NULL check for the pointer returned by ssh_buffer_new() in
|
|
sftpserver.c.
|
|
|
|
Thanks to Ramin Farajpour Cami for spotting this.
|
|
|
|
Fixes T232
|
|
|
|
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
|
|
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
|
|
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
|
|
(cherry picked from commit 533d881b0f4b24c72b35ecc97fa35d295d063e53)
|
|
---
|
|
src/sftpserver.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/src/sftpserver.c b/src/sftpserver.c
|
|
index 1717aa41..1af8a0e7 100644
|
|
--- a/src/sftpserver.c
|
|
+++ b/src/sftpserver.c
|
|
@@ -64,6 +64,12 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) {
|
|
|
|
/* take a copy of the whole packet */
|
|
msg->complete_message = ssh_buffer_new();
|
|
+ if (msg->complete_message == NULL) {
|
|
+ ssh_set_error_oom(session);
|
|
+ sftp_client_message_free(msg);
|
|
+ return NULL;
|
|
+ }
|
|
+
|
|
ssh_buffer_add_data(msg->complete_message,
|
|
ssh_buffer_get(payload),
|
|
ssh_buffer_get_len(payload));
|
|
--
|
|
cgit v1.2.1
|
|
|
|
|