Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/049-kexinit_mem_exhaust.patch
branchs11u3-sru
changeset 7320 edeb951aa980
equal deleted inserted replaced
7319:0753ecc76d4d 7320:edeb951aa980 
       
     1 #
 
       
     2 # Unregister the KEXINIT handler after message has been received.
 
       
     3 #
 
       
     4 # CVE-2016-8858
 
       
     5 #
 
       
     6 # Patch source: upstream
 
       
     7 # https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe
 
       
     8 #
 
       
     9 # We will drop this patch when upgrading to OpenSSH 7.4 or later.
 
       
    10 #
 
       
    11 diff -pur old/kex.c new/kex.c
 
       
    12 --- old/kex.c
 
       
    13 +++ new/kex.c
 
       
    14 @@ -517,6 +517,7 @@ kex_input_kexinit(int type, u_int32_t se
 
       
    15  	if (kex == NULL)
 
       
    16  		return SSH_ERR_INVALID_ARGUMENT;
 
       
    17  
       
    18 +	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
 
       
    19  	ptr = sshpkt_ptr(ssh, &dlen);
 
       
    20  	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 
       
    21  		return r;
upstream/oracle/userland-gate