[openssh-commits] [openssh] 03/05: upstream: Fix overflow check in sshbuf_dup_string. It's already
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Jun 16 20:07:14 AEST 2025
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit df3f903d616763a105570610a616dacf0f83438e
Author: dtucker at openbsd.org <dtucker at openbsd.org>
AuthorDate: Mon Jun 16 09:02:19 2025 +0000
upstream: Fix overflow check in sshbuf_dup_string. It's already
constrained by SSHBUF_SIZE_MAX, but still worth fixing the check. Patch from
afonot via github PR#573, with & ok djm@
OpenBSD-Commit-ID: 438888498e66472fc6a48133196d6538d27bff18
---
sshbuf-misc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sshbuf-misc.c b/sshbuf-misc.c
index adbf9903b..201279faf 100644
--- a/sshbuf-misc.c
+++ b/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf-misc.c,v 1.19 2025/05/21 06:43:48 djm Exp $ */
+/* $OpenBSD: sshbuf-misc.c,v 1.20 2025/06/16 09:02:19 dtucker Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -254,7 +254,7 @@ sshbuf_dup_string(struct sshbuf *buf)
size_t l = sshbuf_len(buf);
char *r;
- if (s == NULL || l > SIZE_MAX)
+ if (s == NULL || l >= SIZE_MAX)
return NULL;
/* accept a nul only as the last character in the buffer */
if (l > 0 && (p = memchr(s, '\0', l)) != NULL) {
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list