guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

55/62: gnu: libssh2: Update to 1.10.0.

From: guix-commits
Subject: 55/62: gnu: libssh2: Update to 1.10.0.
Date: Sun, 26 Jun 2022 06:09:12 -0400 (EDT) 
mbakke pushed a commit to branch core-updates
in repository guix.

commit 09a3f7c6fcbb5c63ecd402daef7fd9714d3720d3
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Sun Jun 26 11:33:41 2022 +0200

    gnu: libssh2: Update to 1.10.0.
    
    * gnu/packages/ssh.scm (libssh2): Update to 1.10.0.
    [source](patches): Remove.
    * gnu/packages/patches/libssh2-CVE-2019-17498.patch: Delete file.
    * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
---
 gnu/local.mk                                      |   1 -
 gnu/packages/patches/libssh2-CVE-2019-17498.patch | 126 ----------------------
 gnu/packages/ssh.scm                              |   5 +-
 3 files changed, 2 insertions(+), 130 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 7e4ed0d83f..435727879a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1410,7 +1410,6 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/libqalculate-3.8.0-libcurl-ssl-fix.patch        \
   %D%/packages/patches/libquicktime-ffmpeg.patch               \
   %D%/packages/patches/librecad-support-for-boost-1.76.patch   \
-  %D%/packages/patches/libssh2-CVE-2019-17498.patch            \
   %D%/packages/patches/libtar-CVE-2013-4420.patch              \
   %D%/packages/patches/libtgvoip-disable-sse2.patch            \
   %D%/packages/patches/libtgvoip-disable-webrtc.patch          \
diff --git a/gnu/packages/patches/libssh2-CVE-2019-17498.patch 
b/gnu/packages/patches/libssh2-CVE-2019-17498.patch
deleted file mode 100644
index 6f69e562e2..0000000000
--- a/gnu/packages/patches/libssh2-CVE-2019-17498.patch
+++ /dev/null
@@ -1,126 +0,0 @@
-https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c.patch
-
-From dedcbd106f8e52d5586b0205bc7677e4c9868f9c Mon Sep 17 00:00:00 2001
-From: Will Cosgrove <will@panic.com>
-Date: Fri, 30 Aug 2019 09:57:38 -0700
-Subject: [PATCH] packet.c: improve message parsing (#402)
-
-* packet.c: improve parsing of packets
-
-file: packet.c
-
-notes:
-Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional 
uint32 bounds check in SSH_MSG_GLOBAL_REQUEST.
----
- src/packet.c | 68 ++++++++++++++++++++++------------------------------
- 1 file changed, 29 insertions(+), 39 deletions(-)
-
-diff --git a/src/packet.c b/src/packet.c
-index 38ab62944..2e01bfc5d 100644
---- a/src/packet.c
-+++ b/src/packet.c
-@@ -419,8 +419,8 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned 
char *data,
-                     size_t datalen, int macstate)
- {
-     int rc = 0;
--    char *message = NULL;
--    char *language = NULL;
-+    unsigned char *message = NULL;
-+    unsigned char *language = NULL;
-     size_t message_len = 0;
-     size_t language_len = 0;
-     LIBSSH2_CHANNEL *channelp = NULL;
-@@ -472,33 +472,23 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned 
char *data,
- 
-         case SSH_MSG_DISCONNECT:
-             if(datalen >= 5) {
--                size_t reason = _libssh2_ntohu32(data + 1);
-+                uint32_t reason = 0;
-+                struct string_buf buf;
-+                buf.data = (unsigned char *)data;
-+                buf.dataptr = buf.data;
-+                buf.len = datalen;
-+                buf.dataptr++; /* advance past type */
- 
--                if(datalen >= 9) {
--                    message_len = _libssh2_ntohu32(data + 5);
-+                _libssh2_get_u32(&buf, &reason);
-+                _libssh2_get_string(&buf, &message, &message_len);
-+                _libssh2_get_string(&buf, &language, &language_len);
- 
--                    if(message_len < datalen-13) {
--                        /* 9 = packet_type(1) + reason(4) + message_len(4) */
--                        message = (char *) data + 9;
--
--                        language_len =
--                            _libssh2_ntohu32(data + 9 + message_len);
--                        language = (char *) data + 9 + message_len + 4;
--
--                        if(language_len > (datalen-13-message_len)) {
--                            /* bad input, clear info */
--                            language = message = NULL;
--                            language_len = message_len = 0;
--                        }
--                    }
--                    else
--                        /* bad size, clear it */
--                        message_len = 0;
--                }
-                 if(session->ssh_msg_disconnect) {
--                    LIBSSH2_DISCONNECT(session, reason, message,
--                                       message_len, language, language_len);
-+                    LIBSSH2_DISCONNECT(session, reason, (const char *)message,
-+                                       message_len, (const char *)language,
-+                                       language_len);
-                 }
-+
-                 _libssh2_debug(session, LIBSSH2_TRACE_TRANS,
-                                "Disconnect(%d): %s(%s)", reason,
-                                message, language);
-@@ -539,24 +529,24 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned 
char *data,
-                 int always_display = data[1];
- 
-                 if(datalen >= 6) {
--                    message_len = _libssh2_ntohu32(data + 2);
--
--                    if(message_len <= (datalen - 10)) {
--                        /* 6 = packet_type(1) + display(1) + message_len(4) */
--                        message = (char *) data + 6;
--                        language_len = _libssh2_ntohu32(data + 6 +
--                                                        message_len);
--
--                        if(language_len <= (datalen - 10 - message_len))
--                            language = (char *) data + 10 + message_len;
--                    }
-+                    struct string_buf buf;
-+                    buf.data = (unsigned char *)data;
-+                    buf.dataptr = buf.data;
-+                    buf.len = datalen;
-+                    buf.dataptr += 2; /* advance past type & always display */
-+
-+                    _libssh2_get_string(&buf, &message, &message_len);
-+                    _libssh2_get_string(&buf, &language, &language_len);
-                 }
- 
-                 if(session->ssh_msg_debug) {
--                    LIBSSH2_DEBUG(session, always_display, message,
--                                  message_len, language, language_len);
-+                    LIBSSH2_DEBUG(session, always_display,
-+                                  (const char *)message,
-+                                  message_len, (const char *)language,
-+                                  language_len);
-                 }
-             }
-+
-             /*
-              * _libssh2_debug will actually truncate this for us so
-              * that it's not an inordinate about of data
-@@ -579,7 +569,7 @@ _libssh2_packet_add(LIBSSH2_SESSION * session, unsigned 
char *data,
-                 uint32_t len = 0;
-                 unsigned char want_reply = 0;
-                 len = _libssh2_ntohu32(data + 1);
--                if(datalen >= (6 + len)) {
-+                if((len <= (UINT_MAX - 6)) && (datalen >= (6 + len))) {
-                     want_reply = data[5 + len];
-                     _libssh2_debug(session,
-                                    LIBSSH2_TRACE_CONN,
diff --git a/gnu/packages/ssh.scm b/gnu/packages/ssh.scm
index aa540c1012..db1aa0d595 100644
--- a/gnu/packages/ssh.scm
+++ b/gnu/packages/ssh.scm
@@ -159,7 +159,7 @@ applications.")
 (define-public libssh2
   (package
    (name "libssh2")
-   (version "1.9.0")
+   (version "1.10.0")
    (source (origin
             (method url-fetch)
             (uri (string-append
@@ -167,8 +167,7 @@ applications.")
                    version ".tar.gz"))
             (sha256
              (base32
-              "1zfsz9nldakfz61d2j70pk29zlmj7w2vv46s9l3x2prhcgaqpyym"))
-            (patches (search-patches "libssh2-CVE-2019-17498.patch"))))
+              "0l8xwhhscvss7q007vpbkbv7jh9s43579rx2sf8lnfgd7l7yjr1d"))))
    (build-system gnu-build-system)
    ;; The installed libssh2.pc file does not include paths to libgcrypt and
    ;; zlib libraries, so we need to propagate the inputs.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]