[openssh-commits] [openssh] 04/08: upstream: stricter validation of the transport state passed from

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 26cde4cfc55eb1d336e1249d702c0c4705b0424b
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Sun May 31 04:37:56 2026 +0000

    upstream: stricter validation of the transport state passed from
    
    the unprivileged preauth sshd-auth process to the user-privileged postauth
    sshd-session process.
    
    These are harmless unless an attacker had an exploit for sshd-auth
    in which case they could be used for post-auth memory DoS or to
    crash you own session in a new and exciting way.
    
    Reported by bylee3 and Kayky Vinicius
    
    ok markus
    
    OpenBSD-Commit-ID: 214e256904a4ae4f83d2083096796c9689c1d7b5
---
 cipher.c |  8 +++++++-
 cipher.h |  3 ++-
 packet.c | 12 +++++++++---
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/cipher.c b/cipher.c
index b42baf967..f3e8fd553 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.127 2026/05/13 05:58:58 djm Exp $ */
+/* $OpenBSD: cipher.c,v 1.128 2026/05/31 04:37:56 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -183,6 +183,12 @@ cipher_is_cbc(const struct sshcipher *c)
 	return (c->flags & CFLAG_CBC) != 0;
 }
 
+u_int
+cipher_is_internal(const struct sshcipher *c)
+{
+	return (c->flags & CFLAG_INTERNAL) != 0;
+}
+
 u_int
 cipher_ctx_is_plaintext(struct sshcipher_ctx *cc)
 {
diff --git a/cipher.h b/cipher.h
index 6533ff2bb..061a26b20 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.56 2023/10/10 06:49:54 tb Exp $ */
+/* $OpenBSD: cipher.h,v 1.57 2026/05/31 04:37:56 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -68,6 +68,7 @@ u_int	 cipher_seclen(const struct sshcipher *);
 u_int	 cipher_authlen(const struct sshcipher *);
 u_int	 cipher_ivlen(const struct sshcipher *);
 u_int	 cipher_is_cbc(const struct sshcipher *);
+u_int	 cipher_is_internal(const struct sshcipher *);
 
 u_int	 cipher_ctx_is_plaintext(struct sshcipher_ctx *);
 
diff --git a/packet.c b/packet.c
index 53a29e338..78316626f 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.336 2026/05/31 04:24:39 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.337 2026/05/31 04:37:56 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -2535,7 +2535,9 @@ newkeys_from_blob(struct sshbuf *m, struct ssh *ssh, int mode)
 	    (r = sshbuf_get_string(b, &enc->key, &keylen)) != 0 ||
 	    (r = sshbuf_get_string(b, &enc->iv, &ivlen)) != 0)
 		goto out;
-	if ((enc->cipher = cipher_by_name(enc->name)) == NULL) {
+	if ((enc->cipher = cipher_by_name(enc->name)) == NULL ||
+	    enc->block_size != cipher_blocksize(enc->cipher) ||
+	    cipher_is_internal(enc->cipher)) {
 		r = SSH_ERR_INVALID_FORMAT;
 		goto out;
 	}
@@ -2547,7 +2549,7 @@ newkeys_from_blob(struct sshbuf *m, struct ssh *ssh, int mode)
 		if ((r = sshbuf_get_u32(b, (u_int *)&mac->enabled)) != 0 ||
 		    (r = sshbuf_get_string(b, &mac->key, &maclen)) != 0)
 			goto out;
-		if (maclen > mac->key_len) {
+		if (maclen != mac->key_len) {
 			r = SSH_ERR_INVALID_FORMAT;
 			goto out;
 		}
@@ -2593,6 +2595,10 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
 	    (r = sshbuf_get_stringb(m, kex->session_id)) != 0 ||
 	    (r = sshbuf_get_u32(m, &kex->flags)) != 0)
 		goto out;
+	if (kex->we_need > 1024) {
+		r = SSH_ERR_INVALID_FORMAT;
+		goto out;
+	}
 	kex->server = 1;
 	kex->done = 1;
 	r = 0;

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.