diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-09-20 05:47:25 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-09-20 16:16:46 +1000 |
commit | 107eb3eeafcd390e1fa7cc7672a05e994d14013e (patch) | |
tree | b7957a7b8b6e4ff24a31de33b7ce537e509e8c4b | |
parent | acfe2ac5fe033e227ad3a56624fbbe4af8b5da04 (diff) | |
download | openssh-git-107eb3eeafcd390e1fa7cc7672a05e994d14013e.tar.gz |
upstream: cap channel input buffer size at 16MB; avoids high memory use
when peer advertises a large window but is slow to consume the data we send
(e.g. because of a slow network)
reported by Pierre-Yves David
fix with & ok markus@
OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
-rw-r--r-- | channels.c | 5 | ||||
-rw-r--r-- | channels.h | 5 |
2 files changed, 8 insertions, 2 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.401 2020/07/03 07:25:18 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.402 2020/09/20 05:47:25 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -354,6 +354,7 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd, struct ssh_channels *sc = ssh->chanctxt; u_int i, found; Channel *c; + int r; /* Try to find a free slot where to put the new channel. */ for (i = 0; i < sc->channels_alloc; i++) { @@ -383,6 +384,8 @@ channel_new(struct ssh *ssh, char *ctype, int type, int rfd, int wfd, int efd, (c->output = sshbuf_new()) == NULL || (c->extended = sshbuf_new()) == NULL) fatal("%s: sshbuf_new failed", __func__); + if ((r = sshbuf_set_max_size(c->input, CHAN_INPUT_MAX)) != 0) + fatal("%s: sshbuf_set_max_size: %s", __func__, ssh_err(r)); c->ostate = CHAN_OUTPUT_OPEN; c->istate = CHAN_INPUT_OPEN; channel_register_fds(ssh, c, rfd, wfd, efd, extusage, nonblock, 0); @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.h,v 1.134 2020/07/05 23:59:45 djm Exp $ */ +/* $OpenBSD: channels.h,v 1.135 2020/09/20 05:47:25 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -223,6 +223,9 @@ struct Channel { /* Read buffer size */ #define CHAN_RBUF (16*1024) +/* Maximum channel input buffer size */ +#define CHAN_INPUT_MAX (16*1024*1024) + /* Hard limit on number of channels */ #define CHANNELS_MAX_CHANNELS (16*1024) |