diff options
| author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2018-09-19 15:04:31 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2018-10-09 11:45:59 +0200 |
| commit | b9033ad56a498d0642f3258a54a32251278a319e (patch) | |
| tree | f017dd418844b3d26686c04e2c901e21bfc01fbb /include | |
| parent | e5ff7aa410c23954a2963b52e7b721a2d41536f3 (diff) | |
| download | libssh-b9033ad56a498d0642f3258a54a32251278a319e.tar.gz libssh-b9033ad56a498d0642f3258a54a32251278a319e.tar.xz libssh-b9033ad56a498d0642f3258a54a32251278a319e.zip | |
CVE-2018-10933: Introduced packet filtering
The packet filter checks required states for the incoming packets and
reject them if they arrived in the wrong state.
Fixes T101
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/libssh/packet.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/libssh/packet.h b/include/libssh/packet.h index d8ef35bb..206c0b21 100644 --- a/include/libssh/packet.h +++ b/include/libssh/packet.h @@ -43,6 +43,12 @@ enum ssh_packet_state_e { PACKET_STATE_PROCESSING }; +enum ssh_packet_filter_result_e { + SSH_PACKET_UNKNOWN, + SSH_PACKET_ALLOWED, + SSH_PACKET_DENIED +}; + int packet_send(ssh_session session); #ifdef WITH_SSH1 |