fix(security): enforce local receive window on incoming channel data

A malicious server could send SSH_MSG_CHANNEL_DATA beyond the advertised
local window (RFC 4254 §5.2), causing unbounded memory growth in the
Channel.UNLIMITED queues (DoS) and integer overflow in the window-adjust
computation when localWindowSize went negative.

Extract LocalChannelWindow to centralize both local consume-and-refill
and remote adjust-with-overflow-check logic, eliminating the duplication
across SessionChannel, ForwardingChannel, and AgentChannel. MAX_WINDOW_SIZE
now lives in LocalChannelWindow.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: kruton

sshlib/src/main/kotlin/org/connectbot/sshlib/client/AgentChannel.kt

@@ -18,7 +18,6 @@
 package org.connectbot.sshlib.client
 
 import kotlinx.coroutines.channels.Channel
-import org.connectbot.sshlib.SshException
 import org.slf4j.LoggerFactory
 
 internal class AgentChannel(
@@ -28,16 +27,16 @@ internal class AgentChannel(
     private var remoteChannelNumber: Int,
     private val maxPacketSize: Int,
     remoteWindowSizeInitial: Long,
+    initialWindowSize: Int = 64 * 1024,
 ) {
     companion object {
         private val logger = LoggerFactory.getLogger(AgentChannel::class.java)
-        private const val MAX_WINDOW_SIZE = 0xFFFFFFFFL
     }
 
     private var _isOpen = true
     private var closeSent = false
 
-    @Volatile private var remoteWindowSize: Long = remoteWindowSizeInitial
+    private val window = LocalChannelWindow(initialWindowSize, remoteInitial = remoteWindowSizeInitial)
     private val windowAvailable = Channel<Unit>(Channel.CONFLATED)
 
     val isOpen: Boolean get() = _isOpen
@@ -47,8 +46,12 @@ internal class AgentChannel(
             logger.warn("Received data on closed agent channel")
             return
         }
+        val adjust = window.consumeLocal(data.size)
 
         logger.debug("Agent channel received ${data.size} bytes")
+        if (adjust > 0) {
+            connection.sendWindowAdjust(remoteChannelNumber, adjust)
+        }
 
         val response = handler.handleRequest(data)
 
@@ -57,15 +60,9 @@ internal class AgentChannel(
     }
 
     fun onWindowAdjust(bytesToAdd: Long) {
-        if (bytesToAdd <= 0) {
-            throw SshException("Invalid window adjust: bytesToAdd must be positive, got $bytesToAdd")
-        }
-        if (remoteWindowSize + bytesToAdd > MAX_WINDOW_SIZE) {
-            throw SshException("Channel window overflow: current=$remoteWindowSize, adding=$bytesToAdd exceeds max $MAX_WINDOW_SIZE")
-        }
-        remoteWindowSize += bytesToAdd
-        logger.debug("Agent channel window adjust +$bytesToAdd, remote window now $remoteWindowSize")
-        if (remoteWindowSize > 0) {
+        window.adjustRemote(bytesToAdd)
+        logger.debug("Agent channel window adjust +$bytesToAdd, remote window now ${window.remoteRemaining}")
+        if (window.remoteRemaining > 0) {
             windowAvailable.trySend(Unit)
         }
     }
@@ -91,17 +88,17 @@ internal class AgentChannel(
     private suspend fun sendData(data: ByteArray) {
         var offset = 0
         while (offset < data.size) {
-            while (remoteWindowSize <= 0) {
+            while (window.remoteRemaining <= 0) {
                 windowAvailable.receive()
             }
             val chunkSize = minOf(
                 data.size - offset,
-                remoteWindowSize.toInt(),
+                window.remoteRemaining.toInt(),
                 maxPacketSize,
             )
             val chunk = data.copyOfRange(offset, offset + chunkSize)
             connection.sendChannelData(remoteChannelNumber, chunk)
-            remoteWindowSize -= chunkSize
+            window.consumeRemote(chunkSize)
             offset += chunkSize
         }
     }

sshlib/src/main/kotlin/org/connectbot/sshlib/client/ForwardingChannel.kt

@@ -19,7 +19,6 @@ package org.connectbot.sshlib.client
 
 import kotlinx.coroutines.channels.Channel
 import kotlinx.coroutines.channels.ReceiveChannel
-import org.connectbot.sshlib.SshException
 import org.slf4j.LoggerFactory
 
 internal class ForwardingChannel(
@@ -32,15 +31,11 @@ internal class ForwardingChannel(
 ) {
     companion object {
         private val logger = LoggerFactory.getLogger(ForwardingChannel::class.java)
-        private const val WINDOW_ADJUST_THRESHOLD = 64 * 1024
-        private const val MAX_WINDOW_SIZE = 0xFFFFFFFFL
     }
 
     private var _isOpen = true
     private var closeSent = false
-    private var localWindowSize: Long = initialWindowSize.toLong()
-
-    @Volatile private var remoteWindowSize: Long = remoteWindowSizeInitial
+    private val window = LocalChannelWindow(initialWindowSize, remoteInitial = remoteWindowSizeInitial)
     private val windowAvailable = Channel<Unit>(Channel.CONFLATED)
 
     private val _incomingData = Channel<ByteArray>(Channel.UNLIMITED)
@@ -49,25 +44,17 @@ internal class ForwardingChannel(
     val isOpen: Boolean get() = _isOpen
 
     internal suspend fun onData(data: ByteArray) {
+        val adjust = window.consumeLocal(data.size)
         _incomingData.trySend(data)
-        localWindowSize -= data.size
-        if (localWindowSize < WINDOW_ADJUST_THRESHOLD) {
-            val adjust = initialWindowSize - localWindowSize.toInt()
-            localWindowSize += adjust
+        if (adjust > 0) {
             connection.sendWindowAdjust(remoteChannelNumber, adjust)
         }
     }
 
     internal fun onWindowAdjust(bytesToAdd: Long) {
-        if (bytesToAdd <= 0) {
-            throw SshException("Invalid window adjust: bytesToAdd must be positive, got $bytesToAdd")
-        }
-        if (remoteWindowSize + bytesToAdd > MAX_WINDOW_SIZE) {
-            throw SshException("Channel window overflow: current=$remoteWindowSize, adding=$bytesToAdd exceeds max $MAX_WINDOW_SIZE")
-        }
-        remoteWindowSize += bytesToAdd
-        logger.debug("Forwarding channel window adjust +$bytesToAdd, remote window now $remoteWindowSize")
-        if (remoteWindowSize > 0) {
+        window.adjustRemote(bytesToAdd)
+        logger.debug("Forwarding channel window adjust +$bytesToAdd, remote window now ${window.remoteRemaining}")
+        if (window.remoteRemaining > 0) {
             windowAvailable.trySend(Unit)
         }
     }
@@ -95,17 +82,17 @@ internal class ForwardingChannel(
     suspend fun sendData(data: ByteArray) {
         var offset = 0
         while (offset < data.size) {
-            while (remoteWindowSize <= 0) {
+            while (window.remoteRemaining <= 0) {
                 windowAvailable.receive()
             }
             val chunkSize = minOf(
                 data.size - offset,
-                remoteWindowSize.toInt(),
+                window.remoteRemaining.toInt(),
                 maxPacketSize,
             )
             val chunk = data.copyOfRange(offset, offset + chunkSize)
             connection.sendChannelData(remoteChannelNumber, chunk)
-            remoteWindowSize -= chunkSize
+            window.consumeRemote(chunkSize)
             offset += chunkSize
         }
     }

sshlib/src/main/kotlin/org/connectbot/sshlib/client/LocalChannelWindow.kt

@@ -0,0 +1,84 @@
+/*
+ * ConnectBot SSH Library
+ * Copyright 2025-2026 Kenny Root
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.connectbot.sshlib.client
+
+import org.connectbot.sshlib.SshException
+
+/**
+ * Tracks SSH channel flow control windows per RFC 4254 §5.2.
+ *
+ * Local window: bytes we are willing to receive. Enforces that the server never
+ * exceeds it; auto-refills when below [adjustThreshold].
+ *
+ * Remote window: bytes the server is willing to receive. Enforces uint32 max
+ * and positive-only adjustments per the protocol.
+ */
+internal class LocalChannelWindow(
+    private val initialSize: Int,
+    private val adjustThreshold: Int = 16 * 1024,
+    remoteInitial: Long = 0,
+) {
+    companion object {
+        const val MAX_WINDOW_SIZE = 0xFFFFFFFFL
+    }
+
+    private var localRemaining: Long = initialSize.toLong()
+
+    @Volatile var remoteRemaining: Long = remoteInitial
+        private set
+
+    /**
+     * Consume [size] bytes from the local window, rejecting excess data.
+     * Returns the window-adjust amount to send back (0 if no adjust needed).
+     */
+    fun consumeLocal(size: Int): Int {
+        if (size > localRemaining) {
+            throw SshException("Server sent $size bytes exceeding local window ($localRemaining)")
+        }
+        localRemaining -= size
+        return if (localRemaining < adjustThreshold) {
+            val adjust = initialSize - localRemaining.toInt()
+            localRemaining += adjust
+            adjust
+        } else {
+            0
+        }
+    }
+
+    /**
+     * Apply a window adjustment from the server, increasing the remote window.
+     * Validates [bytesToAdd] is positive and won't overflow the uint32 max.
+     */
+    fun adjustRemote(bytesToAdd: Long) {
+        if (bytesToAdd <= 0) {
+            throw SshException("Invalid window adjust: bytesToAdd must be positive, got $bytesToAdd")
+        }
+        if (remoteRemaining + bytesToAdd > MAX_WINDOW_SIZE) {
+            throw SshException("Channel window overflow: current=$remoteRemaining, adding=$bytesToAdd exceeds max $MAX_WINDOW_SIZE")
+        }
+        remoteRemaining += bytesToAdd
+    }
+
+    /**
+     * Consume [size] bytes from the remote window for sending.
+     * Caller must ensure [remoteRemaining] > 0 before calling.
+     */
+    fun consumeRemote(size: Int) {
+        remoteRemaining -= size
+    }
+}

sshlib/src/main/kotlin/org/connectbot/sshlib/client/SessionChannel.kt

@@ -25,7 +25,6 @@ import kotlinx.coroutines.delay
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.sync.Mutex
 import kotlinx.coroutines.sync.withLock
-import org.connectbot.sshlib.SshException
 import org.connectbot.sshlib.SshSession
 import org.connectbot.sshlib.protocol.ByteString
 import org.connectbot.sshlib.protocol.ChannelRequestExec
@@ -52,15 +51,11 @@ class SessionChannel internal constructor(
 ) : SshSession {
     companion object {
         private val logger = LoggerFactory.getLogger(SessionChannel::class.java)
-        private const val WINDOW_ADJUST_THRESHOLD = 16 * 1024
-        private const val MAX_WINDOW_SIZE = 0xFFFFFFFFL
     }
 
     private var _isOpen = true
     private var closeSent = false
-    private var localWindowSize: Long = initialWindowSize.toLong()
-
-    @Volatile private var remoteWindowSize: Long = remoteWindowSizeInitial
+    private val window = LocalChannelWindow(initialWindowSize, remoteInitial = remoteWindowSizeInitial)
     private val windowAvailable = Channel<Unit>(Channel.CONFLATED)
 
     private val _stdout = Channel<ByteArray>(Channel.UNLIMITED)
@@ -88,38 +83,28 @@ class SessionChannel internal constructor(
         get() = ptyGranted && canSendChaff && obscureKeystrokeTimingIntervalMs > 0
 
     internal suspend fun onData(data: ByteArray) {
+        val adjust = window.consumeLocal(data.size)
         _stdout.trySend(data)
-        localWindowSize -= data.size
-        if (localWindowSize < WINDOW_ADJUST_THRESHOLD) {
-            val adjust = initialWindowSize - localWindowSize.toInt()
-            localWindowSize += adjust
+        if (adjust > 0) {
             connection.sendWindowAdjust(_remoteChannelNumber, adjust)
         }
     }
 
     internal suspend fun onExtendedData(dataType: Int, data: ByteArray) {
+        val adjust = window.consumeLocal(data.size)
         _extendedData.trySend(dataType to data)
         if (dataType == 1) {
             _stderr.trySend(data)
         }
-        localWindowSize -= data.size
-        if (localWindowSize < WINDOW_ADJUST_THRESHOLD) {
-            val adjust = initialWindowSize - localWindowSize.toInt()
-            localWindowSize += adjust
+        if (adjust > 0) {
             connection.sendWindowAdjust(_remoteChannelNumber, adjust)
         }
     }
 
     internal fun onWindowAdjust(bytesToAdd: Long) {
-        if (bytesToAdd <= 0) {
-            throw SshException("Invalid window adjust: bytesToAdd must be positive, got $bytesToAdd")
-        }
-        if (remoteWindowSize + bytesToAdd > MAX_WINDOW_SIZE) {
-            throw SshException("Channel window overflow: current=$remoteWindowSize, adding=$bytesToAdd exceeds max $MAX_WINDOW_SIZE")
-        }
-        remoteWindowSize += bytesToAdd
-        logger.debug("Window adjust +$bytesToAdd, remote window now $remoteWindowSize")
-        if (remoteWindowSize > 0) {
+        window.adjustRemote(bytesToAdd)
+        logger.debug("Window adjust +$bytesToAdd, remote window now ${window.remoteRemaining}")
+        if (window.remoteRemaining > 0) {
             windowAvailable.trySend(Unit)
         }
     }
@@ -163,17 +148,17 @@ class SessionChannel internal constructor(
     private suspend fun writeDirect(data: ByteArray) {
         var offset = 0
         while (offset < data.size) {
-            while (remoteWindowSize <= 0) {
+            while (window.remoteRemaining <= 0) {
                 windowAvailable.receive()
             }
             val chunkSize = minOf(
                 data.size - offset,
-                remoteWindowSize.toInt(),
+                window.remoteRemaining.toInt(),
                 maxPacketSize,
             )
             val chunk = data.copyOfRange(offset, offset + chunkSize)
             connection.sendChannelData(_remoteChannelNumber, chunk)
-            remoteWindowSize -= chunkSize
+            window.consumeRemote(chunkSize)
             offset += chunkSize
         }
     }