Files · 4505d02e03ddbf3b6adf1bf4a058f931626d5cd1 · nexlab / wsssh

Fix memory corruption in wssshd tunnel request parameter extraction · 4505d02e

Stefy Lanza (nextime / spora ) authored Sep 20, 2025

- Added bounds checking and validation for enc, service, and version parameter extraction
- Prevent buffer overflows by limiting parameter lengths to reasonable sizes (< 32 chars)
- Added null pointer and bounds validation before string operations
- Increased request_msg buffer size from 512 to 1024 bytes for safety
- Fixed potential heap corruption that was causing 'malloc(): invalid next size' errors

4505d02e

Name	Last commit	Last update
templates		Loading commit data...
wsssd		Loading commit data...
wsssh-server/debian		Loading commit data...
wssshd2		Loading commit data...
wssshtools		Loading commit data...
.gitignore		Loading commit data...
BRIDGE_MODE_TESTING.md		Loading commit data...
CHANGELOG.md		Loading commit data...
DOCUMENTATION.md		Loading commit data...
LICENSE.md		Loading commit data...
README.md		Loading commit data...
TODO.md		Loading commit data...
build.sh		Loading commit data...
clean.sh		Loading commit data...
image.jpg		Loading commit data...
prompt.txt		Loading commit data...
requirements.txt		Loading commit data...
service.conf.example		Loading commit data...
test_bridge_mode.sh		Loading commit data...
wssshc.conf.example		Loading commit data...
wssshc.init		Loading commit data...
wssshc_watcher.sh		Loading commit data...
wssshd.conf.example		Loading commit data...
wssshd.init		Loading commit data...
wssshd.py		Loading commit data...
wsssht.conf.example		Loading commit data...
wsssht.init		Loading commit data...

README.md