ParallelSSH · pkittenis · Sep 27, 2020 · Sep 23, 2020 · Sep 23, 2020 · Sep 23, 2020
diff --git a/Changelog.rst b/Changelog.rst
@@ -1,6 +1,13 @@
 Change Log
 =============
 
+0.7.0
++++++
+
+Changes
+-------
+
+* Updated embedded libssh to ``0.9.5``.
 
 0.6.0
 +++++

diff --git a/libssh/CMakeLists.txt b/libssh/CMakeLists.txt
@@ -10,7 +10,7 @@ list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/Modules")
 include(DefineCMakeDefaults)
 include(DefineCompilerFlags)
 
-project(libssh VERSION 0.9.4 LANGUAGES C)
+project(libssh VERSION 0.9.5 LANGUAGES C)
 
 # global needed variable
 set(APPLICATION_NAME ${PROJECT_NAME})
@@ -22,7 +22,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "4.8.5")
+set(LIBRARY_VERSION "4.8.6")
 set(LIBRARY_SOVERSION "4")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked

diff --git a/libssh/ChangeLog b/libssh/ChangeLog
@@ -1,6 +1,17 @@
 ChangeLog
 ==========
 
+version 0.9.5 (released 2020-XX-XX)
+  * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
+  * Improve handling of library initialization (T222)
+  * Fix parsing of subsecond times in SFTP (T219)
+  * Make the documentation reproducible
+  * Remove deprecated API usage in OpenSSL
+  * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
+  * Define version in one place (T226)
+  * Prevent invalid free when using different C runtimes than OpenSSL (T229)
+  * Compatibility improvements to testsuite
+
 version 0.9.4 (released 2020-04-09)
   * Fixed CVE-2020-1730 - Possible DoS in client and server when handling
     AES-CTR keys with OpenSSL

diff --git a/libssh/doc/CMakeLists.txt b/libssh/doc/CMakeLists.txt
@@ -13,6 +13,7 @@ if (DOXYGEN_FOUND)
     set(DOXYGEN_TAB_SIZE 4)
     set(DOXYGEN_OPTIMIZE_OUTPUT_FOR_C YES)
     set(DOXYGEN_MARKDOWN_SUPPORT YES)
+    set(DOXYGEN_FULL_PATH_NAMES NO)
 
     set(DOXYGEN_PREDEFINED DOXYGEN
                            WITH_SERVER

diff --git a/libssh/examples/CMakeLists.txt b/libssh/examples/CMakeLists.txt
@@ -6,7 +6,7 @@ set(examples_SRCS
   connect_ssh.c
 )
 
-include_directories(${libssh_BINARY_DIR})
+include_directories(${libssh_BINARY_DIR}/include ${libssh_BINARY_DIR})
 
 if (ARGP_INCLUDE_DIR)
     include_directories(${ARGP_INCLUDE_DIR})

diff --git a/libssh/examples/exec.c b/libssh/examples/exec.c
@@ -8,7 +8,7 @@ int main(void) {
     ssh_session session;
     ssh_channel channel;
     char buffer[256];
-    int nbytes;
+    int rbytes, wbytes, total = 0;
     int rc;
 
     session = connect_ssh("localhost", NULL, 0);
@@ -35,15 +35,30 @@ int main(void) {
         goto failed;
     }
 
-    nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    while (nbytes > 0) {
-        if (fwrite(buffer, 1, nbytes, stdout) != (unsigned int) nbytes) {
+    rbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
+    if (rbytes <= 0) {
+        goto failed;
+    }
+
+    do {
+        wbytes = fwrite(buffer + total, 1, rbytes, stdout);
+        if (wbytes <= 0) {
             goto failed;
         }
-        nbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
-    }
 
-    if (nbytes < 0) {
+        total += wbytes;
+
+        /* When it was not possible to write the whole buffer to stdout */
+        if (wbytes < rbytes) {
+            rbytes -= wbytes;
+            continue;
+        }
+
+        rbytes = ssh_channel_read(channel, buffer, sizeof(buffer), 0);
+        total = 0;
+    } while (rbytes > 0);
+
+    if (rbytes < 0) {
         goto failed;
     }