Displaying 1 result from an estimated 1 matches for "sshbuf_set_parent".
2024 Aug 13
1
[PATCH] harden parent-child check in sshbuf.c
...if (__predict_false(buf == NULL ||
(!buf->readonly && buf->d != buf->cd) ||
+ buf->parent == buf ||
buf->refcount < 1 || buf->refcount > SSHBUF_REFS_MAX ||
buf->cd == NULL ||
buf->max_size > SSHBUF_SIZE_MAX ||
@@ -130,7 +131,8 @@ sshbuf_set_parent(struct sshbuf *child,
if ((r = sshbuf_check_sanity(child)) != 0 ||
(r = sshbuf_check_sanity(parent)) != 0)
return r;
- if (child->parent != NULL && child->parent != parent)
+ if ((child->parent != NULL && child->parent != parent) ||
+ child == parent)
r...