asedeno.scripts.mit.edu Git - PuTTY.git/commit

]> asedeno.scripts.mit.edu Git - PuTTY.git/commit

author	Simon Tatham <anakin@pobox.com>
	Tue, 14 Feb 2017 21:52:28 +0000 (21:52 +0000)
committer	Simon Tatham <anakin@pobox.com>
	Tue, 14 Feb 2017 23:25:26 +0000 (23:25 +0000)
commit	a146ab2e7aa984f8f5d7ec97e14bbf7ebeb30823
tree	a8f9a4747f42b0f5c9b0d68d60f8c59b1287a81b	tree \| snapshot
parent	50965a6411b8da9301501e91262bfe6cf8c808ae	commit \| diff

Tighten up bounds-checking of agent responses.

I think an agent sending a string length exceeding the buffer bounds
by less than 4 could have made PuTTY read beyond its own buffer end.
Not that I really think a hostile SSH agent is likely to be attacking
PuTTY, but it's as well to fix these things anyway!

ssh.c

diff | blob | history

local copy of git://git.tartarus.org/simon/putty.git

RSS Atom