From d77148e3a3ef6c29b26ec74331455394581aa257 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Sun, 8 Nov 2015 21:59:11 +0000
Subject: [PATCH] upstream commit

fix OOB read in packet code caused by missing return
 statement found by Ben Hawkes; ok markus@ deraadt@

Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62

Upstream-Status: Backport
CVE: CVE-2016-1907

[YOCTO #8935]

Signed-off-by: Armin Kuster <akuster@mvista.com>

---
 packet.c | 1 +
 1 file changed, 1 insertion(+)

Index: openssh-7.1p2/packet.c
===================================================================
--- openssh-7.1p2.orig/packet.c
+++ openssh-7.1p2/packet.c
@@ -1855,6 +1855,7 @@ ssh_packet_process_incoming(struct ssh *
 		if (len >= state->packet_discard) {
 			if ((r = ssh_packet_stop_discard(ssh)) != 0)
 				return r;
+			return SSH_ERR_CONN_CORRUPT;
 		}
 		state->packet_discard -= len;
 		return 0;