From 4dd87339c85b6d711068b6b67aadf70c3e6b6c9d Mon Sep 17 00:00:00 2001
From: Vchanger
Date: Fri, 17 Apr 2020 15:38:42 +0800
Subject: [PATCH] libssh: fix CVE-2020-1730
---
 CVE-2020-1730.patch | 36 ++++++++++++++++++++++++++++++++++++
 libssh.spec | 9 ++++++++-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-1730.patch
diff --git a/CVE-2020-1730.patch b/CVE-2020-1730.patch
new file mode 100644
index 0000000..4e81214
--- /dev/null
+++ b/CVE-2020-1730.patch
@@ -0,0 +1,36 @@
+From 26a8b6535159e3f7fb4a6204373b195f09e3bc20 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider
+Date: Tue, 11 Feb 2020 11:52:33 +0100
+Subject: [PATCH] CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR
+ key
+
+Fixes T213
+
+Signed-off-by: Andreas Schneider
+Reviewed-by: Anderson Toshiyuki Sasaki
+---
+ src/libcrypto.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/libcrypto.c b/src/libcrypto.c
+index b24a18f..2d692cd 100644
+--- a/src/libcrypto.c
++++ b/src/libcrypto.c
+@@ -638,8 +638,12 @@ static void aes_ctr_encrypt(struct ssh_cipher_struct *cipher, void *in, void *ou
+ }
+
+ static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){
+- explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key));
+- SAFE_FREE(cipher->aes_key);
++ if (cipher != NULL) {
++ if (cipher->aes_key != NULL) {
++ explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key));
++ }
++ SAFE_FREE(cipher->aes_key);
++ }
+ }
+
+ #endif /* HAVE_OPENSSL_EVP_AES_CTR */
+--
+1.8.3.1
+
diff --git a/libssh.spec b/libssh.spec
index 540cca1..178725a 100644
--- a/libssh.spec
+++ b/libssh.spec
@@ -1,6 +1,6 @@
 Name: libssh
 Version: 0.8.3
-Release: 7
+Release: 8
 Summary: A library implementing the SSH protocol
 License: LGPLv2+
 URL: https://www.libssh.org
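Review bot: The two NULL guards added to `aes_ctr_cleanup` in the embedded src/libcrypto.c hunk carry no comment saying when `cipher->aes_key` can be NULL at cleanup time, so a later reader cannot tell that the inner check is the CVE fix and not removable defensive code. I would put a comment above the inner check along the lines of `/* aes_key may still be NULL if cleanup runs before the key was set up; never wipe through it */`; the exact trigger is not visible on this page (the subject only says "possible segfault when zeroing AES-CTR key"), so the wording should be checked against the upstream advisory for T213. Keeping `explicit_bzero` ahead of `SAFE_FREE` is the right order, because the key material has to be wiped before the allocation is released. The function sits in a region closed by `#endif /* HAVE_OPENSSL_EVP_AES_CTR */` whose opening condition lies outside the hunk, so the spec changelog could usefully record whether this package's OpenSSL configuration compiles that path at all.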
@@ -25,6 +25,7 @@ Patch6009: 0002-CVE-2019-14889.patch Patch6010: 0003-CVE-2019-14889.patch Patch6011: 0004-CVE-2019-14889.patch Patch6012: 0005-CVE-2019-14889.patch +Patch6013: CVE-2020-1730.patch BuildRequires: cmake libcmocka-devel krb5-devel zlib-devel pkgconfig BuildRequires: doxygen gcc-c++ gnupg2 openssl-devel @@ -107,6 +108,12 @@ popd %doc README ChangeLog obj/doc/html %changelog +* Fri Apr 17 2020 openEuler Buildteam - 0.8.3-8 +- Type:cves +- ID:CVE-2020-1730 +- SUG:NA +- DESC:fix CVE-2020-1730 + * Sun Jan 12 2020 openEuler Buildteam - 0.8.3-7 - Type:bugfix - Id:NA -- Gitee