packages/libssh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libssh/0004-CVE-2019-14889.patch
zhanglu 195f44605a fix cve
2020-01-12 12:31:39 +08:00

34 lines
973 B
Diff
Raw Blame History

From 391c78de9d0f7baec3a44d86a76f4e1324eb9529 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Fri, 6 Dec 2019 09:40:30 +0100
Subject: CVE-2019-14889: scp: Don't allow file path longer than 32kb
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
(cherry picked from commit 0b5ee397260b6e08dffa2c1ce515a153aaeda765)
---
src/scp.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/scp.c b/src/scp.c
index 166f3d2f..4b00aa5f 100644
--- a/src/scp.c
+++ b/src/scp.c
@@ -80,6 +80,12 @@ ssh_scp ssh_scp_new(ssh_session session, int mode, const char *location)
goto error;
}
+ if (strlen(location) > 32 * 1024) {
+ ssh_set_error(session, SSH_FATAL,
+ "Location path is too long");
+ goto error;
+ }
+
scp->location = strdup(location);
if (scp->location == NULL) {
ssh_set_error(session, SSH_FATAL,
--
cgit v1.2.1
Reference in New Issue View Git Blame Copy Permalink