From 29e0ecd9b4eb3b9f305e2240351f0c59cad9ef81 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 9 Oct 2019 00:04:42 +0000 Subject: [PATCH] upstream: fix an unreachable integer overflow similar to the XMSS case, and some other NULL dereferences found by fuzzing. fix with and ok markus@ OpenBSD-Commit-ID: 0f81adbb95ef887ce586953e1cb225fa45c7a47b --- sshkey.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/sshkey.c b/sshkey.c index 612929427..ef90563b3 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.83 2019/09/06 05:23:55 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.84 2019/10/09 00:04:42 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -3209,6 +3209,10 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) if ((r = sshkey_froms(buf, &k)) != 0 || (r = sshbuf_get_bignum2(buf, &dsa_priv_key)) != 0) goto out; + if (k->type != type) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } if (!DSA_set0_key(k->dsa, NULL, dsa_priv_key)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; @@ -3252,6 +3256,11 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) if ((r = sshkey_froms(buf, &k)) != 0 || (r = sshbuf_get_bignum2(buf, &exponent)) != 0) goto out; + if (k->type != type || + k->ecdsa_nid != sshkey_ecdsa_nid_from_name(tname)) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; @@ -3296,6 +3305,10 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = sshbuf_get_bignum2(buf, &rsa_p)) != 0 || (r = sshbuf_get_bignum2(buf, &rsa_q)) != 0) goto out; + if (k->type != type) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } if (!RSA_set0_key(k->rsa, NULL, NULL, rsa_d)) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; @@ -3333,13 +3346,17 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = sshbuf_get_string(buf, &ed25519_pk, &pklen)) != 0 || (r = sshbuf_get_string(buf, &ed25519_sk, &sklen)) != 0) goto out; + if (k->type != type) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } if (pklen != ED25519_PK_SZ || sklen != ED25519_SK_SZ) { r = SSH_ERR_INVALID_FORMAT; goto out; } k->ed25519_pk = ed25519_pk; k->ed25519_sk = ed25519_sk; - ed25519_pk = ed25519_sk = NULL; + ed25519_pk = ed25519_sk = NULL; /* transferred */ break; #ifdef WITH_XMSS case KEY_XMSS: @@ -3370,7 +3387,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) (r = sshbuf_get_string(buf, &xmss_pk, &pklen)) != 0 || (r = sshbuf_get_string(buf, &xmss_sk, &sklen)) != 0) goto out; - if (strcmp(xmss_name, k->xmss_name)) { + if (k->type != type || strcmp(xmss_name, k->xmss_name) != 0) { r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -3877,7 +3894,8 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, } /* check that an appropriate amount of auth data is present */ - if (sshbuf_len(decoded) < encrypted_len + authlen) { + if (sshbuf_len(decoded) < authlen || + sshbuf_len(decoded) - authlen < encrypted_len) { r = SSH_ERR_INVALID_FORMAT; goto out; }