libssh/backport-misc-Fix-format-truncation-in-ssh_path_expa.patch

From 20406e51c9e1e096dc8ba47975abad448a51bfc1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Fri, 26 Aug 2022 13:07:28 +0200
Subject: [PATCH] misc: Fix format truncation in ssh_path_expand_escape()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

error: ‘%u’ directive output may be truncated writing between 1 and 10
bytes into a region of size 6.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 include/libssh/session.h |  2 +-
 src/misc.c               | 15 +++++++--------
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/include/libssh/session.h b/include/libssh/session.h
index 0a6fb080..d3e5787c 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -223,7 +223,7 @@ struct ssh_session_struct {
         char *custombanner;
         unsigned long timeout; /* seconds */
         unsigned long timeout_usec;
-        unsigned int port;
+        uint16_t port;
         socket_t fd;
         int StrictHostKeyChecking;
         char compressionlevel;
diff --git a/src/misc.c b/src/misc.c
index e6264101..a2fdf31a 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -1237,14 +1237,13 @@ char *ssh_path_expand_escape(ssh_session session, const char *s)
                 x = strdup(session->opts.username);
                 break;
             case 'p':
-                if (session->opts.port < 65536) {
-                    char tmp[6];
-
-                    snprintf(tmp,
-                             sizeof(tmp),
-                             "%u",
-                             session->opts.port > 0 ? session->opts.port : 22);
-                    x = strdup(tmp);
+                if (session->opts.port > 0) {
+                  char tmp[6];
+
+                  snprintf(tmp, sizeof(tmp), "%hu",
+                           (uint16_t)(session->opts.port > 0 ? session->opts.port
+                                                             : 22));
+                  x = strdup(tmp);
                 }
                 break;
             default:
-- 
2.33.0