Hello everyone, I just posted a bunch of patches to the Git repository that are the result of running the code analysis feature of VS2012 against libssh2 using the new CMake generated project files.
Most of them are quite basic, but at least the following two patches raise additional questions that I would like to bring to your attention: - kex.c: fix possible NULL pointer de-reference with session->kex [1] - packet.c: fix possible NULL pointer de-reference within listen_state [2] I think that just catching the possible NULL pointer in those code paths is actually not enough to make libssh2 behave correctly. In my opinion some kind of error code needs to be raised if such an error condition is reached. What do you think? Patches and ideas are welcome. Best regards, Marc [1] http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=1c1699545b0a1114e8ca3e6cd097cc9df1e67201;js=1 [2] http://git.libssh2.org/?p=libssh2.git;a=commitdiff;h=e57f29f8f65c83063fd8f63c88f88830fc269bd6;js=1 _______________________________________________ libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
