src/ssh/TODO.md src/ssh/kex/dh-gex-sha256.c src/ssh/ssh-arch.c ssh-aut

BBS:      TELESC.NET.BR
Assunto:  src/ssh/TODO.md src/ssh/kex/dh-gex-sha256.c src/ssh/ssh-arch.c ssh-aut
De:       Deuc¨
Data:     Fri, 27 Mar 2026 05:30:23 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/ff68af17f401a99d55f7c16d
Modified Files:
	src/ssh/TODO.md src/ssh/kex/dh-gex-sha256.c src/ssh/ssh-arch.c ssh-auth.c ssh-trans.c
Log Message:
Fix serialize overflow checks that can wrap size_t on 32-bit

Convert all *pos + N > bufsz bounds checks to subtraction form
(*pos > bufsz || N > bufsz - *pos) to prevent size_t wraparound.
Also fix flush_pending_banner() strlen-to-uint32_t truncation and
serialize_namelist_from_str() silent truncation to UINT32_MAX.

Closes TODO items 2, 7, 21.

Co-Authored-By: Claude Opus 4.6 (1M context) 
n
---
  mSynchronetn  hgVertrauen n hHome of Synchronet n gh[vert/cvs/bbs].synchro.net

-----------------------------------------------------------
[Voltar]