simon-git: putty (master): Simon Tatham
Commits to Tartarus CVS repository.
tartarus-commits at lists.tartarus.org
Sat Jun 13 18:01:08 BST 2015
TL;DR:
1eb578a Add missing null-pointer checks in key exchange.
Repository: git://git.tartarus.org/simon/putty.git
On the web: http://tartarus.org/~simon-git/gitweb/?p=putty.git
Branch updated: master
Committer: Simon Tatham <anakin at pobox.com>
Date: 2015-06-13 18:01:08
commit 1eb578a488a71284d6b18e46df301e54805f2c35
web diff http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=1eb578a488a71284d6b18e46df301e54805f2c35;hp=f8b27925eee6a37df107a7cd2e718e997a52516e
Author: Simon Tatham <anakin at pobox.com>
Date: Sat Jun 13 15:22:03 2015 +0100
Add missing null-pointer checks in key exchange.
Assorted calls to ssh_pkt_getstring in handling the later parts of key
exchange (post-KEXINIT) were not checked for NULL afterwards, so that
a variety of badly formatted key exchange packets would cause a crash
rather than a sensible error message.
None of these is an exploitable vulnerability - the server can only
force a clean null-deref crash, not an access to actually interesting
memory.
Thanks to '3unnym00n' for pointing out one of these, causing me to
find all the rest of them too.
ssh.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
More information about the tartarus-commits
mailing list