nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
Code Issues Projects Releases Wiki Activity
42dcd465ab
putty-source/ssh
History
Simon Tatham 42dcd465ab ssh2_scan_kexinits: dynamically allocate server_hostkeys[]. 
In commit 7d44e35bb3 I introduced a bug: we were providing an
array of MAXKEXLIST ints to ssh2_scan_kexinits() to write a list of
server-supplied host keys into, and when MAXKEXLIST stopped being a
thing, I mindlessly replaced it with an array dynamically allocated to
the number of host key types we'd offered the server.

But we return a list of host key types the _server_ offered _us_ (and
that we can speak at all), which isn't necessarily the same thing. In
particular, if you deliberately ask to cache a new host key type from
the specials menu, we send a KEXINIT offering just _one_ host key
type, namely the one you've asked for. But that loop still writes down
all the key types it gets back from the server, which is (almost
certainly) more than one. So the array overflows.

In that situation we don't really need the returned array of key types
at all, but it's easier to just make it work than to add conditionals.
Replaced it with a dynamically grown array in the usual sort of way.
2022-04-28 13:11:51 +01:00
..
agentf.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
bpp1.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp2.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp-bare.c New Seat callback, seat_sent(). 2021-06-27 13:52:48 +01:00
bpp.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
censor1.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
censor2.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
channel.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
CMakeLists.txt Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
common.c Extra utility function add_to_commasep_pl. 2022-04-21 08:13:38 +01:00
connection1-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection1-server.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
connection1.c Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection1.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection2-client.c New Seat query, has_mixed_input_stream(). 2021-11-06 14:48:26 +00:00
connection2-server.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
connection2.c Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
connection2.h Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
crc-attack-detector.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
gss.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
gssc.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
gssc.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
kex2-client.c Initial support for host certificates. 2022-04-25 15:09:31 +01:00
kex2-server.c Refactor ecdh_kex into an organised vtable. 2022-04-15 17:46:06 +01:00
login1-server.c Localise user_input to SSH connection layers. 2021-09-14 14:05:13 +01:00
login1.c Utility function strbuf_dup. 2022-04-24 08:38:27 +01:00
mainchan.c mainchan.c: defer a couple of ssh_sw_abort. 2022-04-22 17:15:34 +01:00
nogss.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
nosharing.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
pgssapi.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
pgssapi.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
portfwd.c Pull out SOCKS protocol constants into a header. 2021-11-19 15:09:17 +00:00
ppl.h Support for detached certificates in userauth. 2022-04-25 15:09:31 +01:00
scpserver.c Generalise strbuf_catf() into put_fmt(). 2021-11-19 11:32:47 +00:00
server.c Richer data type for interactive prompt results. 2021-12-28 18:08:31 +00:00
server.h Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sesschan.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
sftp.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sftp.h Fix a batch of typos in comments and docs. 2022-01-03 06:40:51 +00:00
sftpcommon.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sftpserver.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
sharing.c Update source file names in comments and docs. 2022-01-22 15:51:31 +00:00
signal-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
ssh.c Support for detached certificates in userauth. 2022-04-25 15:09:31 +01:00
transient-hostkey-cache.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
transport2.c ssh2_scan_kexinits: dynamically allocate server_hostkeys[]. 2022-04-28 13:11:51 +01:00
transport2.h Initial support for host certificates. 2022-04-25 15:09:31 +01:00
ttymode-list.h Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00
userauth2-client.c Support for detached certificates in userauth. 2022-04-25 15:09:31 +01:00
userauth2-server.c Uppity: add stunt options for trivial authentication. 2021-06-19 21:34:56 +01:00
verstring.c Bug workaround to delay sending our SSH greeting. 2021-08-14 11:46:21 +01:00
x11fwd.c New API for plug_closing() with a custom type enum. 2021-11-06 14:48:26 +00:00
zlib.c Move the SSH implementation into its own subdirectory. 2021-04-22 18:09:13 +01:00