Subject: Re: Question about kex.c:1868

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 13 Mar 2012 22:29:14 +0100 (CET)

On Sun, 11 Mar 2012, Steven Dake wrote:

> Not entirely sure how this code snippet is supposed to work, but is it
> possible that the following could happen:
>
> method_type = LIBSSH2_METHOD_LANG_CS or LANG_SC
>
> (this sets mlist to NULL)
>
> mlist passed in as NULL to 3rd parameter of kex_get_method_by_name resulting
> in segfault from null dereference?

I tracked down the origin of that code. It was added Dec 9 2004 by Sara and
was never really changed since (just re-indented and white-space modified).

I suggest we add a check for it so that we're _sure_ it can't happen. Or what
do you think?

-- 
  / daniel.haxx.se
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-03-13
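
Added example, not part of the original message and not libssh2 code: a minimal C model of the situation discussed above, where the language method types yield a NULL list and the lookup helper takes that list as its third parameter. All names here (`list_for_type`, `get_method_by_name`, `method_supported`, the enum and the method names) are hypothetical stand-ins.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins for this example; not libssh2's definitions. */
enum method_type { METHOD_KEX, METHOD_LANG_CS, METHOD_LANG_SC };

struct method { const char *name; };

static const struct method kex_a = { "example-kex-a" };  /* constructed name */
static const struct method kex_b = { "example-kex-b" };  /* constructed name */
static const struct method *kex_methods[] = { &kex_a, &kex_b, NULL };

/* Language types have no method table, so the list comes back NULL. */
static const struct method **list_for_type(enum method_type type)
{
    switch (type) {
    case METHOD_KEX:
        return kex_methods;
    case METHOD_LANG_CS:
    case METHOD_LANG_SC:
    default:
        return NULL;
    }
}

/* Lookup over a NULL-terminated list; the list is the third parameter. */
static const struct method *get_method_by_name(const char *name,
                                               size_t name_len,
                                               const struct method **list)
{
    if (!name || !list)   /* the added check: without it, *list below
                             dereferences NULL for the language types */
        return NULL;
    for (; *list; list++) {
        if (strlen((*list)->name) == name_len &&
            memcmp((*list)->name, name, name_len) == 0)
            return *list;
    }
    return NULL;
}

/* Returns 1 if pref names a known method of the given type, else 0. */
int method_supported(enum method_type type, const char *pref)
{
    const struct method **mlist = list_for_type(type);
    return get_method_by_name(pref, pref ? strlen(pref) : 0, mlist) != NULL;
}
```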