Subject: Re: Question about kex.c:1868

Re: Question about kex.c:1868

From: Steven Dake <>
Date: Tue, 13 Mar 2012 15:52:14 -0700

On 03/13/2012 02:29 PM, Daniel Stenberg wrote:
> On Sun, 11 Mar 2012, Steven Dake wrote:
>> Not entirely sure how this code snippet is supposed to work, but is it
>> possible that the following could happen:
>> method_type = LIBSSH2_METHOD_LANG_CS or LANG_SC
>> (this sets mlist to NULL)
>> mlist passed in as NULL to 3rd parameter of kex_get_method_by_name
>> resulting in segfault from null dereference?
> I tracked down the origin of that code. It was added Dec 9 2004 by Sara
> and was never really changed since (just re-indented and white-space
> modified).
> I suggest we add a check for it so that we're _sure_ it can't happen. Or
> what do you think?

An assert would make sense (since we want to assert that something
doesn't happen rather then having it happen and resulting in segfault),
although asserts inside libraries are a bit evil. Another option is
return an error code, but not sure how that would be passable by the api

Received on 2012-03-13