Fix null dereference issues found by covscan
Related: rhbz#2182252, rhbz#2189740 Signed-off-by: Norbert Pocs <npocs@redhat.com>
		
							parent
							
								
									e3ddbe6a80
								
							
						
					
					
						commit
						18eec23532
					
				
							
								
								
									
										57
									
								
								covscan23_1.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
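--- a/covscan23_1.patch
+++ b/covscan23_1.patch
@@ -0,0 +1,57 @@
+File ../libssh-0.10.4/.git is a regular file while file ./.git is a directory
+diff --color -ru ../libssh-0.10.4/src/sftp.c ./src/sftp.c
+--- ../libssh-0.10.4/src/sftp.c	2023-05-22 12:45:48.383509085 +0200
++++ ./src/sftp.c	2023-05-22 12:54:31.004037650 +0200
+@@ -1755,6 +1755,10 @@
+ int sftp_close(sftp_file file){
+   int err = SSH_NO_ERROR;
+ 
++  if (file == NULL) {
++      return err;
++  }
++
+   SAFE_FREE(file->name);
+   if (file->handle){
+     err = sftp_handle_close(file->sftp,file->handle);
+@@ -1917,7 +1921,7 @@
+ 
+ /* Read from a file using an opened sftp file handle. */
+ ssize_t sftp_read(sftp_file handle, void *buf, size_t count) {
+-  sftp_session sftp = handle->sftp;
++  sftp_session sftp;
+   sftp_message msg = NULL;
+   sftp_status_message status;
+   ssh_string datastring;
+@@ -1926,6 +1930,11 @@
+   uint32_t id;
+   int rc;
+ 
++  if (handle == NULL) {
++      return -1;
++  }
++  sftp = handle->sftp;
++
+   if (handle->eof) {
+     return 0;
+   }
+@@ -2147,7 +2156,7 @@
+ }
+ 
+ ssize_t sftp_write(sftp_file file, const void *buf, size_t count) {
+-  sftp_session sftp = file->sftp;
++  sftp_session sftp;
+   sftp_message msg = NULL;
+   sftp_status_message status;
+   ssh_buffer buffer;
+@@ -2156,6 +2165,11 @@
+   size_t packetlen;
+   int rc;
+ 
++  if (file == NULL) {
++      return -1;
++  }
++  sftp = file->sftp;
++
+   buffer = ssh_buffer_new();
+   if (buffer == NULL) {
+     ssh_set_error_oom(sftp->session);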
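Review bot: The NULL guard added to sftp_close() returns `err`, which is still SSH_NO_ERROR at that point, so a caller passing a NULL file is told the close succeeded, while the guards added to sftp_read() and sftp_write() return -1 for the same condition. If closing NULL is meant to be a free(NULL)-style no-op, a comment such as `/* closing a NULL file is a no-op, like free(NULL) */` above the check would make that explicit; otherwise `return SSH_ERROR;` would keep the three functions consistent. The -1 paths in sftp_read() and sftp_write() cannot record an error on the session, because `sftp` is only reachable through the pointer that was just found to be NULL, so a caller that consults the session error afterwards may see a stale value; that deserves a line in each function's comment. The guards also do not cover `handle->sftp` / `file->sftp` themselves, which are dereferenced later (for example `sftp->session` in the sftp_write() OOM path); whether they can be NULL is not visible here, since all three function bodies continue outside the hunks.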
| @ -1,6 +1,6 @@ | |||||||
| Name:           libssh | Name:           libssh | ||||||
| Version:        0.10.4 | Version:        0.10.4 | ||||||
| Release:        9%{?dist} | Release:        10%{?dist} | ||||||
| Summary:        A library implementing the SSH protocol | Summary:        A library implementing the SSH protocol | ||||||
| License:        LGPLv2+ | License:        LGPLv2+ | ||||||
| URL:            http://www.libssh.org | URL:            http://www.libssh.org | ||||||
| @ -50,6 +50,7 @@ Patch8: null_dereference_rekey.patch | |||||||
| Patch9: auth_bypass.patch | Patch9: auth_bypass.patch | ||||||
| Patch10: covscan23.patch | Patch10: covscan23.patch | ||||||
| Patch11: rekey_test_fixup.patch | Patch11: rekey_test_fixup.patch | ||||||
|  | Patch12: covscan23_1.patch | ||||||
| 
 | 
 | ||||||
| %description | %description | ||||||
| The ssh library was designed to be used by programmers needing a working SSH | The ssh library was designed to be used by programmers needing a working SSH | ||||||
| @ -142,6 +143,10 @@ popd | |||||||
| %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Mon May 22 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4.10 | ||||||
|  | - Fix null dereference issues found by covscan | ||||||
|  | - Related: rhbz#2182252, rhbz#2189740 | ||||||
|  | 
 | ||||||
| * Wed May 10 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4-9 | * Wed May 10 2023 Norbert Pocs <npocs@redhat.com> - 0.10.4-9 | ||||||
| - Fix CVE-2023-1667 and CVE-2023-2283 | - Fix CVE-2023-1667 and CVE-2023-2283 | ||||||
| - Fix issues found by cosvcan | - Fix issues found by cosvcan | ||||||
|  | |||||||