nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-05-30 08:20:28 -05:00
Code Issues Projects Releases Wiki Activity

Security improvement: check CRC on incoming packets

Browse Source 
[originally from svn r489]
This commit is contained in:
Simon Tatham 2000-05-31 10:18:24 +00:00
parent 229245f384
commit 6b81798205
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ssh.c
View File

@ -127,6 +127,7 @@ static void ssh_gotdata(unsigned char *data, int datalen) {
static long len, biglen, to_read; static long len, biglen, to_read;
static unsigned char *p; static unsigned char *p;
static int i, pad; static int i, pad;
static unsigned long realcrc, gotcrc;
crBegin; crBegin;
while (1) { while (1) {
@ -186,6 +187,15 @@ static void ssh_gotdata(unsigned char *data, int datalen) {
pktin.type = pktin.data[pad]; pktin.type = pktin.data[pad];
pktin.body = pktin.data+pad+1; pktin.body = pktin.data+pad+1;
realcrc = crc32(pktin.data, biglen-4);
gotcrc = (pktin.data[biglen-4] << 24);
gotcrc |= (pktin.data[biglen-3] << 16);
gotcrc |= (pktin.data[biglen-2] << 8);
gotcrc |= (pktin.data[biglen-1] << 0);
if (gotcrc != realcrc) {
fatalbox("Incorrect CRC received on packet");
}
if (pktin.type == SSH_MSG_DEBUG) { if (pktin.type == SSH_MSG_DEBUG) {
/* FIXME: log it */ /* FIXME: log it */
} else if (pktin.type == SSH_MSG_IGNORE) { } else if (pktin.type == SSH_MSG_IGNORE) {