Package init

libssh-0.8.3-fixes-the-oss-fuzz-bug.patch

@@ -0,0 +1,58 @@
+From 6ae097069ad8e4658f14870c4d23409b88139810 Mon Sep 17 00:00:00 2001
+From: Jakub Jelen <jjelen@redhat.com>
+Date: Tue, 10 Dec 2019 18:09:51 +0800
+Subject: [PATCH] backport-fixes-the-oss-fuzz-bug
+
+---
+ src/buffer.c | 19 +++++++++++++------
+ 1 file changed, 13 insertions(+), 6 deletions(-)
+
+diff --git a/src/buffer.c b/src/buffer.c
+index da6e587..08529ee 100644
+--- a/src/buffer.c
++++ b/src/buffer.c
+@@ -1112,6 +1112,7 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer,
+             goto cleanup;
+         }
+ 
++        rc = SSH_ERROR;
+         switch (*p) {
+         case 'b':
+             o.byte = va_arg(ap, uint8_t *);
+@@ -1121,20 +1122,26 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer,
+         case 'w':
+             o.word = va_arg(ap,  uint16_t *);
+             rlen = ssh_buffer_get_data(buffer, o.word, sizeof(uint16_t));
+-            *o.word = ntohs(*o.word);
+-            rc = rlen==2 ? SSH_OK : SSH_ERROR;
++            if (rlen == 2) {
++                *o.word = ntohs(*o.word);
++                rc = SSH_OK;
++	     }
+             break;
+         case 'd':
+             o.dword = va_arg(ap, uint32_t *);
+             rlen = ssh_buffer_get_u32(buffer, o.dword);
+-            *o.dword = ntohl(*o.dword);
+-            rc = rlen==4 ? SSH_OK : SSH_ERROR;
++            if (rlen == 4) {
++                *o.dword = ntohl(*o.dword);
++                rc = SSH_OK;
++            }
+             break;
+         case 'q':
+             o.qword = va_arg(ap, uint64_t*);
+             rlen = ssh_buffer_get_u64(buffer, o.qword);
+-            *o.qword = ntohll(*o.qword);
+-            rc = rlen==8 ? SSH_OK : SSH_ERROR;
++            if (rlen == 8) {
++                *o.qword = ntohll(*o.qword);
++                rc = SSH_OK;
++            }
+             break;
+         case 'S':
+             o.string = va_arg(ap, ssh_string *);
+-- 
+2.19.1
+
+

libssh.spec

@@ -1,6 +1,6 @@
 Name:           libssh
 Version:        0.8.3
-Release:        4
+Release:        5
 Summary:        A library implementing the SSH protocol
 License:        LGPLv2+
 URL:            https://www.libssh.org
@@ -9,6 +9,8 @@ Source1:        https://www.libssh.org/files/0.8/%{name}-%{version}.tar.xz.asc
 Source2:        https://cryptomilk.org/gpgkey-8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D.gpg#/%{name}.keyring 
 
 Patch1:         libssh-0.8.3-fix-covscan-errors.patch
+Patch2:         libssh-0.8.3-fixes-the-oss-fuzz-bug.patch
+
 #patches6000-patches6007 come from https://git.libssh.org/
 Patch6000:      libssh-stable-0p8-CVE-2018-10933-part1.patch
 Patch6001:	libssh-stable-0p8-CVE-2018-10933-part2.patch
@@ -100,5 +102,11 @@ popd
 %doc README ChangeLog obj/doc/html
 
 %changelog
+* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.8.3-5
+- Type:bugfix
+- Id:NA
+- SUG:NA
+- DESC: fixes the oss fuzz bug
+
 * Thu Sep 12 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.8.3-4
 - Package init