Commit Graph

21 Commits

Author SHA1 Message Date
Tess Gauthier 11e2996573
address codeQL warnings (#598)
* codeql fixes

* fix type mismatches

* fix pointers in w32_time methods

* fixes for codeQL warnings

* modify checks for codeql warnings

* add comments for codeql suppressions

* additional codeql fixes and suppressions

* add codeql fixes

* add comments for codeql

* add comments for codeql

* switch from debug to error log messages

* fix another merge conflict

fix line endings in gss-sspi.c

* add null check in channels.c

* address PR feedback

* address additional review feedback

* add CodeQL comments to common code

* fix unittest-win32compat

* fix unit test

* address review feedback

* remove suppression
2022-11-30 11:57:01 -05:00
djm@openbsd.org 754e0d5c77 upstream: Add a sshbuf_read() that attempts to read(2) directly in
to a sshbuf; ok markus@

OpenBSD-Commit-ID: 2d8f249040a4279f3bc23c018947384de8d4a45b
2022-01-25 10:45:47 +11:00
djm@openbsd.org 750c1a45ba upstream: oops, missed one more %p
OpenBSD-Commit-ID: e7e62818d1564cc5cd9086eaf7a51cbd1a9701eb
2021-08-11 18:37:30 +10:00
djm@openbsd.org 12848191f8 upstream: support for RFC4648 base64url encoding; ok markus
OpenBSD-Commit-ID: 0ef22c55e772dda05c112c88412c0797fec66eb4
2020-06-22 16:11:14 +10:00
djm@openbsd.org 69796297c8 upstream: make sshbuf_dump() args const
OpenBSD-Commit-ID: b4a5accae750875d665b862504169769bcf663bd
2020-06-05 13:28:29 +10:00
jsg@openbsd.org d5ba1c0327 upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-28 12:26:28 +11:00
djm@openbsd.org de40876c4a upstream: tidy headers; some junk snuck into sshbuf-misc.c and
sshbuf-io.c doesn't need SSHBUF_INTERNAL set

OpenBSD-Commit-ID: 27a724d2e0b2619c1a1490f44093bbd73580d9e6
2020-01-26 10:34:50 +11:00
djm@openbsd.org 99aa803555 upstream: factor out reading/writing sshbufs to dedicated
functions; feedback and ok markus@

OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
2020-01-26 10:18:42 +11:00
Damien Miller cfc1897a20 wrap stdint.h include in HAVE_STDINT_H
make the indenting a little more consistent too..

Fixes Solaris 2.6; reported by Tom G. Christensen
2019-10-09 09:06:35 +11:00
djm@openbsd.org 49fa065a1b upstream: let sshbuf_find/cmp take a void* for the
search/comparison argument, instead of a u_char*. Saves callers needing to
cast.

OpenBSD-Commit-ID: d63b69b7c5dd570963e682f758f5a47b825605ed
2019-07-30 15:06:27 +10:00
djm@openbsd.org ed46a0c070 upstream: fix off-by-one in sshbuf_dtob64() base64 wrapping that could
cause extra newlines to be appended at the end of the base64 text (ugly, but
harmless). Found and fixed by Sebastian Kinne

OpenBSD-Commit-ID: 9fe290bd68f706ed8f986a7704ca5a2bd32d7b68
2019-07-18 23:27:09 +10:00
djm@openbsd.org 16dd8b2c78 upstream: remove mostly vestigal uuencode.[ch]; moving the only unique
functionality there (wrapping of base64-encoded data) to sshbuf functions;
feedback and ok markus@

OpenBSD-Commit-ID: 4dba6735d88c57232f6fccec8a08bdcfea44ac4c
2019-07-16 23:23:05 +10:00
djm@openbsd.org e18a27eedc upstream: two more bounds-checking sshbuf counterparts to common
string operations: sshbuf_cmp() (bcmp-like) and sshbuf_find() (memmem like)

feedback and ok markus@

OpenBSD-Commit-ID: fd071ec2485c7198074a168ff363a0d6052a706a
2019-07-15 23:21:18 +10:00
dtucker@openbsd.org 696fb4298e upstream: Remove some set but never used variables. ok daraadt@
OpenBSD-Commit-ID: 824baf9c59afc66a4637017e397b9b74a41684e7
2019-07-08 11:45:51 +10:00
djm@openbsd.org 1a31d02b24 upstream commit
fix signed/unsigned errors reported by clang-3.7; add
 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
 better safety checking; feedback and ok markus@

Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-05-02 20:35:04 +10:00
djm@openbsd.org 905b054ed2 upstream commit
some more bzero->explicit_bzero, from Michael McConville

Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
2015-10-06 12:26:41 +11:00
markus@openbsd.org df100be513 upstream commit
correct fmt-string for size_t as noted by Nicholas
 Lemonias; ok djm@
2015-03-27 12:00:47 +11:00
Darren Tucker 37f9220db8 Wrap stdint.h includes in ifdefs. 2015-02-23 03:07:24 +11:00
millert@openbsd.org 1910a286d7 upstream commit
Include stdint.h, not limits.h to get SIZE_MAX.  OK guenther@
2015-02-07 07:48:00 +11:00
Damien Miller 8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
2014-07-02 15:28:02 +10:00
Damien Miller 05e82c3b96 - djm@cvs.openbsd.org 2014/04/30 05:29:56
[bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
     [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
     [ssherr.h]
     New buffer API; the first installment of the conversion/replacement
     of OpenSSH's internals to make them usable as a standalone library.

     This includes a set of wrappers to make it compatible with the
     existing buffer API so replacement can occur incrementally.

     With and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review.
2014-05-15 14:33:43 +10:00