Fix buffer overflow (in buffer variable even!) detected by FORTIFY_SOURCE

and reported by wkitty42... you can turn ssh back on now. :D

Fix buffer overflow (in buffer variable even!) detected by FORTIFY_SOURCE
68b8e6cf · deuce · 6370a9a0 · 68b8e6cf
Commit 68b8e6cf authored 5 years ago by deuce
--- a/3rdp/build/cl-ssh-incCtr.patch
+++ b/3rdp/build/cl-ssh-incCtr.patch
 --- session/ssh2_crypt.c.orig	2019-01-21 16:56:04.000000000 -0500
-+++ session/ssh2_crypt.c	2020-02-14 02:36:21.428805000 -0500
+++ session/ssh2_crypt.c	2020-02-14 14:15:11.144585000 -0500
 @@ -55,12 +55,12 @@
 	/* Walk along the counter incrementing each byte if required */
 	LOOP_MED( i = blockSize - 1, i >= 0, i-- )
@@ -13,5 +13,14 @@
 -	ENSURES( ctrMSB != 0 || ctrMSBnext != ctrPtr[ blockSize - 2 ] );
 +	ENSURES( (ctrPtr[ blockSize - 1 ] != 0 || ctrMSBnext != ctrPtr[ blockSize - 2 ]) );
 
+ 	return( CRYPT_OK );
+ 	}
+@@ -388,7 +388,7 @@
+ 		memcpy( sshInfo->writeCTR, buffer, sessionInfoPtr->cryptBlocksize );
+ 	else
+ 		memcpy( sshInfo->readCTR, buffer, sessionInfoPtr->cryptBlocksize );
+-	zeroise( buffer, CRYPT_MAX_KEYSIZE );
+	zeroise( buffer, CRYPT_MAX_HASHSIZE );
+ 
 	return( CRYPT_OK );
 	}