aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Expand)AuthorFilesLines
2013-06-17packet1: Don't free an invalid address.Andreas Schneider1-1/+0
2013-06-17pki: Limit privkey to 4M for now.Andreas Schneider1-0/+6
2013-06-17pki: Fix a resource leak on error.Andreas Schneider1-0/+3
2013-06-13pki: Fix resource leak on error.Andreas Schneider1-0/+1
2013-06-13client: Fix possible NULL pointer dereference.Andreas Schneider1-2/+2
2013-06-13known_hosts: Fix readablity.Andreas Schneider1-1/+1
2013-06-13pki: Use fstat() after opening the file.Andreas Schneider1-16/+16
2013-06-13kex: Fix a double free.Andreas Schneider1-0/+1
2013-06-13server: Fix a double free.Andreas Schneider1-4/+1
2013-06-02BUG 103: Fix ProxyCommand parsing.Andreas Schneider1-2/+21
2013-06-02config: Rename ssh_config_get_str().Andreas Schneider1-11/+11
2013-06-02opts: Fix segfault in option parser.Andreas Schneider1-3/+11
2013-04-05getpass: Don't fail if stdin is not a tty.Andreas Schneider1-23/+27
2013-02-26poll: return error on poll() when pollset is emptyAris Adamantiadis1-1/+1
2013-01-29socket: Call data handler as long as handler takes data.Johannes Krude1-4/+6
2013-01-23include: Fix the LGPL header.Andreas Schneider1-13/+12
2013-01-22options: Fix a free crash bug if we parse unknown options.Andreas Schneider1-6/+8
2012-12-27Report according status when errors are detectedAris Adamantiadis1-3/+18
2012-12-23Fix channel_write to wait during key reexchangesAris Adamantiadis1-1/+20
2012-12-23Implement key re-exchangeAris Adamantiadis6-14/+44
2012-12-19Fix an invalid strlen comparison in ssh_message_auth_reply_defaultAndrew Collins1-1/+1
2012-12-13string: Fix memory leak in ssh_string_to_char().Andreas Schneider1-6/+6
2012-12-03BUG 97: Remove obsolete hsterror().Andreas Schneider1-12/+1
2012-12-03BUG 94: Fix big endian issue.Andreas Schneider1-3/+5
2012-11-21pki: Add a size limit for pubkey files.Andreas Schneider1-1/+1
2012-11-14CVE-2012-4559: Make sure we don't free name and longname twice on error.Andreas Schneider1-10/+16
2012-11-14CVE-2012-4559: Ensure that we don't free req twice.Andreas Schneider1-1/+1
2012-11-14CVE-2012-4560: Fix a write one past the end of 'buf'.Andreas Schneider1-2/+3
2012-11-14CVE-2012-4560: Fix a write one past the end of the 'u' buffer.Andreas Schneider1-1/+1
2012-11-14CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().Andreas Schneider1-4/+9
2012-11-14CVE-2012-4562: Fix multiple integer overflows in buffer-related functions.Xi Wang1-5/+21
2012-11-14CVE-2012-4562: Fix possible integer overflows.Xi Wang1-2/+14
2012-11-14CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().Xi Wang1-0/+5
2012-10-22pki: Fix integer overflow in ssh_pki_import_privkey_file().Xi Wang1-0/+5
2012-10-22channels: Fix integer overflow in generate_cookie().Xi Wang1-1/+1
2012-10-22channels1: Add missing request_state and set it to accepted.Andreas Schneider1-0/+1
2012-10-22auth1: Reset error state to no error.Andreas Schneider1-0/+1
2012-10-22session: Fix a possible use after free in ssh_free().Andreas Schneider1-33/+54
2012-10-14options: Fix documentation of ssh_options_get_port().Andreas Schneider1-1/+1
2012-10-12kex: Use getter functions to access kex arrays.Andreas Schneider3-7/+23
2012-10-12scp: Make sure buffer is initialzed.Andreas Schneider1-1/+1
2012-10-12pki: Make sure the key_buf is null terminated.Andreas Schneider1-0/+1
2012-10-12misc: Use a fixed buffer for getenv().Andreas Schneider1-2/+8
2012-10-12poll: Fix sizeof in ssh_poll_ctx_resize().Andreas Schneider1-2/+2
2012-10-12legacy: Use snprintf instead of sprintf.Andreas Schneider1-2/+3
2012-10-12dh: Don't use strcat for ssh_get_hexa().Andreas Schneider1-9/+8
2012-10-12server: Use strncat instead of strcat.Andreas Schneider1-4/+12
2012-10-12misc: Use strncpy instead of strcat.Andreas Schneider1-1/+1
2012-10-12pki: Fix a possible null pointer dereference.Andreas Schneider1-3/+3
2012-10-12messages: Fix memory leaks in user request callback.Andreas Schneider1-54/+41