On 03/04/2011 04:02 PM, Pierre-Yves Fontaniere wrote:
On 03/04/2011 03:47 PM, Aris Adamantiadis wrote:
Hi Pierre-Yves,
That's not a normal behaviour of libssh. Could you point me to the
backtrace of the malloc(0) call? (or at least the line number in
packet.c)
Hi Aris,
Line 157 of packet.c: packet_decrypt returns -1
And
Line 68 of crypts.c: the faulty malloc in packet_decrypt function.
Pierre-yves
When I look at the libssh logs:
packet_read2 says:
"Read a 12 bytes packet"
The buffer length returned by "buffer_get_len" is packet size + 4 from
what I'm seeing on other calls.
So on the last packet (the failed one) "buffer_get_len" returns 16 and
blocksize is 16.
When we call packet_decrypt as is done on line 157 of packet.c,
we give a parameter len=0.
Pierre-yves
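
The zero-length case reported in this thread, as an added C example that is not libssh code and not part of the original messages: it shows how a decrypt helper that treats any NULL from the allocator as an error returns -1 when len is 0, next to a variant that checks the length first. All function names, the XOR stand-in for the cipher, the allocator that returns NULL for size 0, and the "buffer length minus one block" calculation are assumptions chosen to match the numbers above (16 and 16).

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

typedef void *(*alloc_fn)(size_t);

/* Constructed allocator modelling a libc where malloc(0) returns NULL
   (the C standard allows either NULL or a unique pointer). */
void *alloc_null_on_zero(size_t n) { return n == 0 ? NULL : malloc(n); }

/* Assumption: bytes still to decrypt = buffered bytes minus the first
   block, which matches the 16 - 16 = 0 case in the report. */
size_t remaining_after_first_block(size_t buffer_len, size_t blocksize) {
    return buffer_len >= blocksize ? buffer_len - blocksize : 0;
}

/* Toy stand-in for the cipher (XOR), not real cryptography. */
static void toy_transform(unsigned char *dst, const unsigned char *src, size_t len) {
    for (size_t i = 0; i < len; i++) dst[i] = src[i] ^ 0x5a;
}

/* Unguarded pattern: any NULL from the allocator is reported as an error,
   so a legitimate zero-length call fails with -1. */
int decrypt_unguarded(unsigned char *data, size_t len, alloc_fn alloc) {
    unsigned char *out = alloc(len);
    if (out == NULL) return -1;
    toy_transform(out, data, len);
    memcpy(data, out, len);
    free(out);
    return 0;
}

/* Guarded pattern: validate the length, and treat zero as "nothing to do"
   before touching the allocator. */
int decrypt_guarded(unsigned char *data, size_t len, size_t blocksize, alloc_fn alloc) {
    if (blocksize == 0 || len % blocksize != 0) return -1;
    if (len == 0) return 0;
    return decrypt_unguarded(data, len, alloc);
}
```
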