1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/ssh/TODO.md ssh-trans.c

    From Deuc¿@VERT to Git commit to main/sbbs/master on Wednesday, March 25, 2026 23:06:00
    https://gitlab.synchro.net/main/sbbs/-/commit/2b6b076b726680ff6a883133
    Modified Files:
    src/ssh/TODO.md ssh-trans.c
    Log Message:
    Fix three arithmetic issues found by exhaustive audit

    - send_packet: guard 5+payload_len and 4+packet_length against
    size_t overflow before use in padding calc and buffer sizing
    - KEXINIT name-list parser: fix infinite loop when nlen==UINT32_MAX
    (j<=nlen with j++ wraps to 0 and never terminates)
    - TODO: document channel ID collision risk on uint32_t wrap

    Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

    ---
    � Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net
  • From Deuc¿@VERT to Git commit to main/sbbs/master on Saturday, March 28, 2026 12:55:04
    https://gitlab.synchro.net/main/sbbs/-/commit/9f6265e5b8324eb042024b8f
    Modified Files:
    src/ssh/TODO.md ssh-trans.c
    Log Message:
    Close item 17: replace cascading cleanup with goto in transport_init/newkeys

    transport_init: 7 allocation failure points (4 buffers + 3 sync
    primitives) each duplicated cleanup of all prior resources. Replaced
    with goto init_cleanup; bool flags track which sync primitives need
    destroying.

    newkeys: 6 key buffer mallocs had cascading cleanse_free chains;
    replaced with NULL-initialized pointers and goto keys_cleanup
    (reusing the existing label). Also simplified the post-derive_key
    error block from 8 lines to a single goto.

    Eliminates ~50 lines of duplicated cleanup code across 8 error paths.

    Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

    ---
    � Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net