src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256

BBS:      TELESC.NET.BR
Assunto:  src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256
De:       Deuc¨
Data:     Wed, 25 Mar 2026 23:06:00 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/7aa05c370a0dbe347d819876
Modified Files:
	src/ssh/enc/aes256-ctr.c src/ssh/kex/curve25519-sha256.c dh-gex-sha256.c src/ssh/key_algo/rsa-sha2-256.c src/ssh/ssh-auth.c ssh-conn.c ssh-internal.h ssh-trans.c
Log Message:
Range-check all narrowing casts; DSSH_STRLEN macro

Every runtime size_t  uint32_t cast now has an explicit range
check before the narrowing.  Casts backed by provable invariants
(received packet lengths, fixed-size buffers, BN_num_bytes chain)
are documented and left as single-use inline casts.  Values used
more than once after narrowing get an initializer variable.

DSSH_STRLEN(lit) macro replaces (uint32_t)(sizeof(lit) - 1).
EVP_EncryptUpdate bufsz gets INT_MAX guard.  send_packet
arithmetic cast replaced with range-checked initializer.

Co-Authored-By: Claude Opus 4.6 (1M context) 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]