You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description libssh2_channel_read starts misbehaving when using large buffers, around 4GB or more in size. It seems that the API accepts size_t buflen which is 64bit (on my machine), but that gets converted to uint32_t in the implementation causing various problems. One of the errors manifests when adjusting the receive window, e.g. Unable to send transfer-window adjustment packet, deferring, while the SSH server reports something like sshd[29804]: fatal: channel 0: adjust 4294967295 overflows remote window 2097152
Description
libssh2_channel_read
starts misbehaving when using large buffers, around 4GB or more in size. It seems that the API acceptssize_t buflen
which is 64bit (on my machine), but that gets converted touint32_t
in the implementation causing various problems. One of the errors manifests when adjusting the receive window, e.g.Unable to send transfer-window adjustment packet, deferring
, while the SSH server reports something likesshd[29804]: fatal: channel 0: adjust 4294967295 overflows remote window 2097152
Code To Reproduce
Expected behavior
libssh2 should handle u32 overflows gracefully
Version (please complete the following information):
The text was updated successfully, but these errors were encountered: