On Monday 25 August 2014 11:48:09 Giovanni Panozzo wrote:
> Hi, I'm new on this list. I'm using libssh and I think I have found a
> bug which crashes my program.
>
> I'm posting here because the site red.libssh.org is currently broken.
>
>
> In src/dh.c the call:
>
> rc = ssh_buffer_pack(buf,
> "dPdP",
> CURVE25519_PUBKEY_SIZE,
> session->next_crypto->curve25519_client_pubkey,
> CURVE25519_PUBKEY_SIZE,
> session->next_crypto->curve25519_server_pubkey);
>
> Is missing the data length parameter for "P"
>
>
> Should it be ?
>
> rc = ssh_buffer_pack(buf,
> "dPdP",
> CURVE25519_PUBKEY_SIZE,
> CURVE25519_PUBKEY_SIZE,
> session->next_crypto->curve25519_client_pubkey,
> CURVE25519_PUBKEY_SIZE,
> CURVE25519_PUBKEY_SIZE,
> session->next_crypto->curve25519_server_pubkey);
>
Yes, you're correct. Good catch! I've pushed a fix upstream.
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
www.cryptomilk.org [email protected]
