fix(security): limit zlib decompression output to prevent DoS

ZlibCompressor.uncompress() had no bound on output size. A malicious server
could send a small compressed packet (~1 KB) that expands to hundreds of MB,
exhausting client memory. This is exploitable post-KEX on any connection that
negotiates zlib or zlib@openssh.com compression.

Cap decompressed output at MAX_UNCOMPRESSED_SIZE (512 KB) per packet and
throw SshException if exceeded, causing the connection to be torn down.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: kruton

sshlib/src/main/kotlin/org/connectbot/sshlib/crypto/ZlibCompressor.kt

@@ -1,6 +1,6 @@
 /*
  * ConnectBot SSH Library
- * Copyright 2025 Kenny Root
+ * Copyright 2025-2026 Kenny Root
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,10 +17,16 @@
 
 package org.connectbot.sshlib.crypto
 
+import org.connectbot.sshlib.SshException
 import java.util.zip.Deflater
 import java.util.zip.Inflater
 
 internal class ZlibCompressor : PacketCompressor {
+    companion object {
+        // Max decompressed size per packet. Prevents decompression-bomb DoS from a malicious server.
+        internal const val MAX_UNCOMPRESSED_SIZE = 512 * 1024
+    }
+
     private val deflater = Deflater(5)
     private val inflater = Inflater()
 
@@ -54,8 +60,12 @@ internal class ZlibCompressor : PacketCompressor {
             val count = inflater.inflate(output, totalOut, output.size - totalOut)
             totalOut += count
             if (count == 0) break
+            if (totalOut > MAX_UNCOMPRESSED_SIZE) {
+                throw SshException("Decompressed packet exceeds maximum allowed size ($MAX_UNCOMPRESSED_SIZE bytes)")
+            }
             if (totalOut == output.size) {
-                output = output.copyOf(output.size * 2)
+                val newSize = minOf(output.size * 2, MAX_UNCOMPRESSED_SIZE + 1)
+                output = output.copyOf(newSize)
             }
         }
 

sshlib/src/test/kotlin/org/connectbot/sshlib/crypto/ZlibCompressorTest.kt

@@ -1,6 +1,6 @@
 /*
  * ConnectBot SSH Library
- * Copyright 2025 Kenny Root
+ * Copyright 2025-2026 Kenny Root
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,10 +17,12 @@
 
 package org.connectbot.sshlib.crypto
 
+import org.connectbot.sshlib.SshException
 import org.junit.jupiter.api.Assertions.assertArrayEquals
 import org.junit.jupiter.api.Assertions.assertEquals
 import org.junit.jupiter.api.Test
 import kotlin.random.Random
+import kotlin.test.assertFailsWith
 
 class ZlibCompressorTest {
 
@@ -111,6 +113,34 @@ class ZlibCompressorTest {
         assertEquals(data.size, decompressed.size)
     }
 
+    @Test
+    fun `rejects decompression bomb exceeding limit`() {
+        val compressor = ZlibCompressor()
+        val decompressor = ZlibCompressor()
+
+        // Highly compressible data: 1 MB of zeros compresses to ~1 KB
+        val bomb = ByteArray(1_024 * 1_024)
+        val compressed = compressor.compress(bomb)
+
+        // The compressed form is small, but decompressing it must be rejected
+        // when the output would exceed MAX_UNCOMPRESSED_SIZE
+        assertFailsWith<SshException> {
+            decompressor.uncompress(compressed)
+        }
+    }
+
+    @Test
+    fun `accepts decompressed output within limit`() {
+        val compressor = ZlibCompressor()
+        val decompressor = ZlibCompressor()
+
+        // Half of the limit — should succeed
+        val data = ByteArray(ZlibCompressor.MAX_UNCOMPRESSED_SIZE / 2) { it.toByte() }
+        val compressed = compressor.compress(data)
+        val result = decompressor.uncompress(compressed)
+        assertArrayEquals(data, result)
+    }
+
     @Test
     fun smallInputFitsInInitialBuffer() {
         val compressor = ZlibCompressor()