Subject: libssh2-devel post from requires approval

libssh2-devel post from requires approval

From: <>
Date: Mon, 27 Jul 2009 02:29:44 +0200

As list administrator, your authorization is requested for the
following mailing list posting:

    Subject: Problem with libssh2_scp_recv() and libssh2_channel_read()
    Reason: Post by non-member to a members-only list

At your convenience, visit:
to approve or deny the request.

attached mail follows:


Using the latest daily snapshot of libssh2, I have a problem downloading
files using libssh2_scp_recv(). When reading the data using
libssh2_channel_read(), I consistently fail to pass the new check in
transport.c, line 434, which was introduced to fix bug 2814613:
p->packet_length exceeds PACKETBUFSIZE (16384) and the function
_libssh2_transport_read() returns failure.
Shouldn't the check at line 455 (see below) take care of illegally large
values for p->packet_length?

>From transport.c, function _libssh2_transport_read():

 /* we now have the initial blocksize bytes decrypted,
  * and we can extract packet and padding length from it
 p->packet_length = _libssh2_ntohu32(block);
/* line 434 */ if ((p->packet_length < 1) || (p->packet_length >
    return PACKET_FAIL;

 p->padding_length = block[4];
 if (p->padding_length < 0)
    return PACKET_FAIL;

 /* total_num is the number of bytes following the initial
    (5 bytes) packet length and padding length fields */
 p->total_num =
    p->packet_length - 1 +
    (encrypted ? session->remote.mac->mac_len : 0);

/* RFC4253 section 6.1 Maximum Packet Length says:
 * "All implementations MUST be able to process
 * packets with uncompressed payload length of 32768
 * bytes or less and total packet size of 35000 bytes
 * or less (including length, padding length, payload,
 * padding, and MAC.)."
/* line 455 */ if (p->total_num > LIBSSH2_PACKET_MAXPAYLOAD) {
   return PACKET_TOOBIG;

Paul Veldkamp

attached mail follows:

If you reply to this message, keeping the Subject: header intact,
Mailman will discard the held message. Do this if the message is
spam. If you reply to this message and include an Approved: header
with the list password in it, the message will be approved for posting
to the list. The Approved: header can also appear in the first line
of the body of the reply.
Received on 2009-07-27