1. Forum
  2. FidoNet
  3. SYNC PROGRAMMING

  • src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-s

    From Deucе@1:103/705 to Git commit to main/sbbs/master on Wed Mar 25 23:06:00 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/c4f45ec61d6977c200170917
    Modified Files:
    src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c src/ssh/ssh-auth.c ssh-chan.c ssh-conn.c ssh-trans.c
    Log Message:
    Guard all arithmetic against overflow and underflow

    Every size computation before malloc is now checked against
    SIZE_MAX to prevent wrapping on platforms with small size_t.
    Cumulative counters (bytes_since_rekey, bytebuf total, msgqueue total_bytes/count) use saturating adds. Channel capacity
    doubling checks SIZE_MAX/2 and SIZE_MAX/sizeof(*).

    Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
    --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)