search for: hasnohigh

Displaying 2 results from an estimated 2 matches for "hasnohigh".

2004 Feb 21
0
overflow in buffer_put_bignum2
Hi When buffer_put_bugnum2 is called with zero bignum, it touches unallocated memory: BN_num_bytes returns 0, one byte is allocated and hasnohigh = (buf[1] & 0x80) ? 0 : 1; touches array out of bounds. Mikulas
2003 Oct 08
4
OS/390 openssh
...it(); authctxt->postponed = 1; diff -bur openssh-3.7.1p2.orig/bufaux.c openssh-3.7.1p2/bufaux.c --- openssh-3.7.1p2.orig/bufaux.c Wed May 14 05:40:07 2003 +++ openssh-3.7.1p2/bufaux.c Tue Oct 7 08:22:00 2003 @@ -126,7 +126,7 @@ carry = !++uc[i]; } } - buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh); + buffer_put_binary(buffer, buf+hasnohigh, bytes-hasnohigh); memset(buf, 0, bytes); xfree(buf); } @@ -136,7 +136,7 @@ buffer_get_bignum2(Buffer *buffer, BIGNUM *value) { u_int len; - u_char *bin = buffer_get_string(buffer, &len); + u_char *bin = buffer_get_binary(buf...