From d8f8bd7643efcc9b96e15143cb60953f1d4382b2 Mon Sep 17 00:00:00 2001
From: dartraiden
Date: Wed, 27 Mar 2019 03:01:55 +0300
Subject: iibssh2: update to 1.8.2
---
libs/libssh2/docs/NEWS | 79 +++++++++++++++++-----
libs/libssh2/docs/RELEASE-NOTES | 29 ++------
libs/libssh2/include/libssh2.h | 24 ++-----
libs/libssh2/src/Makefile.in | 142 ++++++++++++++++++++++++++++++----------
libs/libssh2/src/libssh2_priv.h | 13 ++++
libs/libssh2/src/userauth.c | 8 +--
6 files changed, 198 insertions(+), 97 deletions(-)
(limited to 'libs')
diff --git a/libs/libssh2/docs/NEWS b/libs/libssh2/docs/NEWS
index e3caaece5e..a9c0a3f1ba 100644
--- a/libs/libssh2/docs/NEWS
+++ b/libs/libssh2/docs/NEWS
@@ -1,5 +1,68 @@ Changelog for the libssh2 project. Generated with git2news.pl +Version 1.8.2 (25 Mar 2019) + +Daniel Stenberg (25 Mar 2019) +- RELEASE-NOTES: version 1.8.2 + +- [Will Cosgrove brought this change] + + moved MAX size declarations #330 + +- [Will Cosgrove brought this change] + + Fixed misapplied patch (#327) + + Fixes for user auth + +Version 1.8.1 (14 Mar 2019) + +Will Cosgrove (14 Mar 2019) +- [Michael Buckley brought this change] + + More 1.8.0 security fixes (#316) + + * Defend against possible integer overflows in comp_method_zlib_decomp. + + * Defend against writing beyond the end of the payload in _libssh2_transport_read(). + + * Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html + + This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. + + * Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html + + * Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. + + * Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html + + * Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). 
https://libssh2.org/CVE-2019-3862.html + +GitHub (14 Mar 2019) +- [Will Cosgrove brought this change] + + 1.8 Security fixes (#314) + + * fixed possible integer overflow in packet_length + + CVE https://www.libssh2.org/CVE-2019-3861.html + + * fixed possible interger overflow with userauth_keyboard_interactive + + CVE https://www.libssh2.org/CVE-2019-3856.html + + * fixed possible out zero byte/incorrect bounds allocation + + CVE https://www.libssh2.org/CVE-2019-3857.html + + * bounds checks for response packets + + * fixed integer overflow in userauth_keyboard_interactive + + CVE https://www.libssh2.org/CVE-2019-3863.html + + * 1.8.1 release notes + Version 1.8.0 (25 Oct 2016) Daniel Stenberg (25 Oct 2016) @@ -5473,19 +5536,3 @@ Simon Josefsson (16 Nov 2009) Reported by Steven Van Ingelgem in . - -- Mention libssh2-style.el. - -- Use memmove instead of memcpy on overlapping memory areas. - - Reported by Bob Alexander in - . - -- Add. - -- Protect against crash on too small SSH_MSG_IGNORE packets. - - Reported by Bob Alexander - in . - -- add copyright line diff --git a/libs/libssh2/docs/RELEASE-NOTES b/libs/libssh2/docs/RELEASE-NOTES index 6c2d7de324..d566bafe01 100644 --- a/libs/libssh2/docs/RELEASE-NOTES +++ b/libs/libssh2/docs/RELEASE-NOTES 
@@ -1,29 +1,12 @@ -libssh2 1.8.1 +libssh2 1.8.2 This release includes the following bugfixes: - - o fixed possible integer overflow when reading a specially crafted packet - (https://www.libssh2.org/CVE-2019-3855.html) - o fixed possible integer overflow in userauth_keyboard_interactive with a - number of extremely long prompt strings - (https://www.libssh2.org/CVE-2019-3863.html) - o fixed possible integer overflow if the server sent an extremely large number - of keyboard prompts (https://www.libssh2.org/CVE-2019-3856.html) - o fixed possible out of bounds read when processing a specially crafted packet - (https://www.libssh2.org/CVE-2019-3861.html) - o fixed possible integer overflow when receiving a specially crafted exit - signal message channel packet (https://www.libssh2.org/CVE-2019-3857.html) - o fixed possible out of bounds read when receiving a specially crafted exit - status message channel packet (https://www.libssh2.org/CVE-2019-3862.html) - o fixed possible zero byte allocation when reading a specially crafted SFTP - packet (https://www.libssh2.org/CVE-2019-3858.html) - o fixed possible out of bounds reads when processing specially crafted SFTP - packets (https://www.libssh2.org/CVE-2019-3860.html) - o fixed possible out of bounds reads in _libssh2_packet_require(v) - (https://www.libssh2.org/CVE-2019-3859.html) + + o Fixed the misapplied userauth patch that broke 1.8.1 + o moved the MAX size declarations from the public header This release would not have looked like this without help, code, reports and advice from friends like these: - Chris Coulson, Michael Buckley, Will Cosgrove, Daniel Stenberg - (4 contributors) + Will Cosgrove + (1 contributors) diff --git a/libs/libssh2/include/libssh2.h b/libs/libssh2/include/libssh2.h index f4bae24bc5..fdcf6163de 100644 --- a/libs/libssh2/include/libssh2.h +++ b/libs/libssh2/include/libssh2.h 
@@ -46,13 +46,13 @@ to make the BANNER define (used by src/session.c) be a valid SSH banner. Release versions have no appended strings and may of course not have dashes either. */ -#define LIBSSH2_VERSION "1.7.0_DEV" +#define LIBSSH2_VERSION "1.8.2" /* The numeric version number is also available "in parts" by using these defines: */ -#define LIBSSH2_VERSION_MAJOR 1 -#define LIBSSH2_VERSION_MINOR 7 -#define LIBSSH2_VERSION_PATCH 0 +#define LIBSSH2_VERSION_MAJOR 1 +#define LIBSSH2_VERSION_MINOR 8 +#define LIBSSH2_VERSION_PATCH 2 /* This is the numeric version of the libssh2 version number, meant for easier parsing and comparions by programs. The LIBSSH2_VERSION_NUM define will @@ -69,7 +69,7 @@ and it is always a greater number in a more recent release. It makes comparisons with greater than and less than work. */ -#define LIBSSH2_VERSION_NUM 0x010700 +#define LIBSSH2_VERSION_NUM 0x010802 /* * This is the date and time when the full source package was created. The @@ -80,7 +80,7 @@ * * "Mon Feb 12 11:35:33 UTC 2007" */ -#define LIBSSH2_TIMESTAMP "DEV" +#define LIBSSH2_TIMESTAMP "Mon Mar 25 19:29:57 UTC 2019" #ifndef RC_INVOKED @@ -145,18 +145,6 @@ typedef int libssh2_socket_t; #define LIBSSH2_INVALID_SOCKET -1 #endif /* WIN32 */ -#ifndef SIZE_MAX -#if _WIN64 -#define SIZE_MAX 0xFFFFFFFFFFFFFFFF -#else -#define SIZE_MAX 0xFFFFFFFF -#endif -#endif - -#ifndef UINT_MAX -#define UINT_MAX 0xFFFFFFFF -#endif - /* * Determine whether there is small or large file support on windows. */ diff --git a/libs/libssh2/src/Makefile.in b/libs/libssh2/src/Makefile.in index 9e59967eeb..44533bdede 100644 --- a/libs/libssh2/src/Makefile.in +++ b/libs/libssh2/src/Makefile.in 
@@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.15 from Makefile.am. +# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2014 Free Software Foundation, Inc. +# Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -176,7 +176,20 @@ am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles +am__maybe_remake_depfiles = depfiles +am__depfiles_remade = ./$(DEPDIR)/agent.Plo ./$(DEPDIR)/channel.Plo \ + ./$(DEPDIR)/comp.Plo ./$(DEPDIR)/crypt.Plo \ + ./$(DEPDIR)/global.Plo ./$(DEPDIR)/hostkey.Plo \ + ./$(DEPDIR)/keepalive.Plo ./$(DEPDIR)/kex.Plo \ + ./$(DEPDIR)/knownhost.Plo ./$(DEPDIR)/libgcrypt.Plo \ + ./$(DEPDIR)/mac.Plo ./$(DEPDIR)/mbedtls.Plo \ + ./$(DEPDIR)/misc.Plo ./$(DEPDIR)/openssl.Plo \ + ./$(DEPDIR)/os400qc3.Plo ./$(DEPDIR)/packet.Plo \ + ./$(DEPDIR)/pem.Plo ./$(DEPDIR)/publickey.Plo \ + ./$(DEPDIR)/scp.Plo ./$(DEPDIR)/session.Plo \ + ./$(DEPDIR)/sftp.Plo ./$(DEPDIR)/transport.Plo \ + ./$(DEPDIR)/userauth.Plo ./$(DEPDIR)/version.Plo \ + ./$(DEPDIR)/wincng.Plo am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) 
@@ -463,8 +476,8 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(srcdir)/../Makefile.OpenSSL.inc $(srcdir)/../Makefile.libgcrypt.inc $(srcdir)/../Makefile.WinCNG.inc $(srcdir)/../Makefile.os400qc3.inc $(srcdir)/../Makefile.mbedTLS.inc $(srcdir)/../Makefile.inc $(am__empty): 
@@ -536,31 +549,37 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/os400qc3.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scp.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/agent.Plo@am__quote@ # am--include-marker 
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/channel.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comp.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/global.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hostkey.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keepalive.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kex.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/knownhost.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgcrypt.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mbedtls.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openssl.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/os400qc3.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/packet.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/publickey.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/scp.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/session.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sftp.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/transport.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ 
@am__quote@./$(DEPDIR)/userauth.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/version.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wincng.Plo@am__quote@ # am--include-marker + +$(am__depfiles_remade): + @$(MKDIR_P) $(@D) + @echo '# dummy' >$@-t && $(am__mv) $@-t $@ + +am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -641,7 +660,10 @@ cscopelist-am: $(am__tagged_files) distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -distdir: $(DISTFILES) +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -714,7 +736,31 @@ clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \ mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) + -rm -f ./$(DEPDIR)/agent.Plo + -rm -f ./$(DEPDIR)/channel.Plo + -rm -f ./$(DEPDIR)/comp.Plo + -rm -f ./$(DEPDIR)/crypt.Plo + -rm -f ./$(DEPDIR)/global.Plo + -rm -f ./$(DEPDIR)/hostkey.Plo + -rm -f ./$(DEPDIR)/keepalive.Plo + -rm -f ./$(DEPDIR)/kex.Plo + -rm -f ./$(DEPDIR)/knownhost.Plo + -rm -f ./$(DEPDIR)/libgcrypt.Plo + -rm -f ./$(DEPDIR)/mac.Plo + -rm -f ./$(DEPDIR)/mbedtls.Plo + -rm -f ./$(DEPDIR)/misc.Plo + -rm -f ./$(DEPDIR)/openssl.Plo + -rm -f ./$(DEPDIR)/os400qc3.Plo + -rm -f ./$(DEPDIR)/packet.Plo + -rm -f ./$(DEPDIR)/pem.Plo + -rm -f ./$(DEPDIR)/publickey.Plo + -rm -f ./$(DEPDIR)/scp.Plo + -rm -f ./$(DEPDIR)/session.Plo + -rm -f ./$(DEPDIR)/sftp.Plo + -rm -f ./$(DEPDIR)/transport.Plo + -rm -f ./$(DEPDIR)/userauth.Plo + -rm -f ./$(DEPDIR)/version.Plo + -rm -f ./$(DEPDIR)/wincng.Plo -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags 
@@ -760,7 +806,31 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) + -rm -f ./$(DEPDIR)/agent.Plo + -rm -f ./$(DEPDIR)/channel.Plo + -rm -f ./$(DEPDIR)/comp.Plo + -rm -f ./$(DEPDIR)/crypt.Plo + -rm -f ./$(DEPDIR)/global.Plo + -rm -f ./$(DEPDIR)/hostkey.Plo + -rm -f ./$(DEPDIR)/keepalive.Plo + -rm -f ./$(DEPDIR)/kex.Plo + -rm -f ./$(DEPDIR)/knownhost.Plo + -rm -f ./$(DEPDIR)/libgcrypt.Plo + -rm -f ./$(DEPDIR)/mac.Plo + -rm -f ./$(DEPDIR)/mbedtls.Plo + -rm -f ./$(DEPDIR)/misc.Plo + -rm -f ./$(DEPDIR)/openssl.Plo + -rm -f ./$(DEPDIR)/os400qc3.Plo + -rm -f ./$(DEPDIR)/packet.Plo + -rm -f ./$(DEPDIR)/pem.Plo + -rm -f ./$(DEPDIR)/publickey.Plo + -rm -f ./$(DEPDIR)/scp.Plo + -rm -f ./$(DEPDIR)/session.Plo + -rm -f ./$(DEPDIR)/sftp.Plo + -rm -f ./$(DEPDIR)/transport.Plo + -rm -f ./$(DEPDIR)/userauth.Plo + -rm -f ./$(DEPDIR)/version.Plo + -rm -f ./$(DEPDIR)/wincng.Plo -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -781,9 +851,9 @@ uninstall-am: uninstall-libLTLIBRARIES .MAKE: all install-am install-strip -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-libLTLIBRARIES clean-libtool cscopelist-am ctags \ - ctags-am distclean distclean-compile distclean-generic \ +.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ + clean-generic clean-libLTLIBRARIES clean-libtool cscopelist-am \ + ctags ctags-am distclean distclean-compile distclean-generic \ distclean-hdr distclean-libtool distclean-tags distdir dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-dvi install-dvi-am \ diff --git a/libs/libssh2/src/libssh2_priv.h b/libs/libssh2/src/libssh2_priv.h index 841467773e..bb5d1a50a1 100644 --- a/libs/libssh2/src/libssh2_priv.h +++ b/libs/libssh2/src/libssh2_priv.h @@ -40,6 +40,7 @@ #ifndef LIBSSH2_PRIV_H #define LIBSSH2_PRIV_H 1 +#define LIBSSH2_LIBRARY #include "libssh2_config.h" #ifdef HAVE_WINDOWS_H 
@@ -145,6 +146,18 @@ static inline int writev(int sock, struct iovec *iov, int nvecs) #endif +#ifndef SIZE_MAX +#if _WIN64 +#define SIZE_MAX 0xFFFFFFFFFFFFFFFF +#else +#define SIZE_MAX 0xFFFFFFFF +#endif +#endif + +#ifndef UINT_MAX +#define UINT_MAX 0xFFFFFFFF +#endif + /* RFC4253 section 6.1 Maximum Packet Length says: * * "All implementations MUST be able to process packets with diff --git a/libs/libssh2/src/userauth.c b/libs/libssh2/src/userauth.c index ed804629d2..c02d81d0ea 100644 --- a/libs/libssh2/src/userauth.c +++ b/libs/libssh2/src/userauth.c @@ -107,7 +107,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username, LIBSSH2_FREE(session, session->userauth_list_data); session->userauth_list_data = NULL; - if (rc || (session->userauth_list_data_len < 1)) { + if (rc) { _libssh2_error(session, LIBSSH2_ERROR_SOCKET_SEND, "Unable to send userauth-none request"); session->userauth_list_state = libssh2_NB_state_idle; @@ -127,7 +127,7 @@ static char *userauth_list(LIBSSH2_SESSION *session, const char *username, _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block requesting userauth list"); return NULL; - } else if (rc) { + } else if (rc || (session->userauth_list_data_len < 1)) { _libssh2_error(session, rc, "Failed getting response"); session->userauth_list_state = libssh2_NB_state_idle; return NULL; @@ -1172,7 +1172,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, NULL, 0); if (rc == LIBSSH2_ERROR_EAGAIN) return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block"); - else if (rc || (session->userauth_pblc_data_len < 1)) { + else if (rc) { LIBSSH2_FREE(session, session->userauth_pblc_packet); session->userauth_pblc_packet = NULL; LIBSSH2_FREE(session, session->userauth_pblc_method); 
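Review bot: The `SIZE_MAX` fallback added to `libssh2_priv.h` picks its width from `#if _WIN64` alone, so any non-Windows 64-bit toolchain that reaches this block without `SIZE_MAX` gets `0xFFFFFFFF`, and the `UINT_MAX` fallback likewise hard-codes a 32-bit `unsigned`. If these macros feed the length and overflow checks listed in the 1.8.1 NEWS entry (their use is not visible here), a too-small value only makes those checks stricter, but it is still wrong for the platform and worth documenting. Including `<limits.h>` and `<stdint.h>` ahead of the block would make the fallbacks rarely needed, `#if defined(_WIN64)` avoids evaluating an undefined macro, and a comment such as `/* fallbacks for toolchains lacking <stdint.h>/<limits.h>; private so the public header does not redefine them */` would record why they moved here.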
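Review bot: In the `userauth_list` hunk at line 127 the new condition `rc || (session->userauth_list_data_len < 1)` can be true with `rc == 0`, and the branch then calls `_libssh2_error(session, rc, "Failed getting response")`, passing 0 as the error code for an empty server reply. A caller that receives NULL and then asks the session for the failure reason would presumably see no error recorded. Passing an explicit code for the short-reply case, e.g. `_libssh2_error(session, rc ? rc : LIBSSH2_ERROR_PROTO, "Failed getting response");`, keeps a malformed response distinguishable from success. The same length check is moved in the `_libssh2_userauth_publickey` hunk at line 1195, but that branch continues outside the hunk, so its error reporting cannot be judged from the visible lines.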
@@ -1195,7 +1195,7 @@ _libssh2_userauth_publickey(LIBSSH2_SESSION *session, if (rc == LIBSSH2_ERROR_EAGAIN) { return _libssh2_error(session, LIBSSH2_ERROR_EAGAIN, "Would block"); } - else if (rc) { + else if (rc || (session->userauth_pblc_data_len < 1)) { LIBSSH2_FREE(session, session->userauth_pblc_packet); session->userauth_pblc_packet = NULL; LIBSSH2_FREE(session, session->userauth_pblc_method); -- cgit v1.2.3