tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-27 07:44:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream commit

Browse Source 
improve sshkey_read() semantics; only update *cpp when a
 key is successfully read; ok markus@

Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
This commit is contained in:
djm@openbsd.org 2015-11-16 22:50:01 +00:00 committed by Damien Miller
parent db6f8dc5dd
commit 3a9f84b58b
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
sshkey.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshkey.c,v 1.24 2015/10/15 23:08:23 djm Exp $ */ /* $OpenBSD: sshkey.c,v 1.25 2015/11/16 22:50:01 djm Exp $ */
/* /*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@ -1232,11 +1232,10 @@ sshkey_read(struct sshkey *ret, char **cpp)
{ {
struct sshkey *k; struct sshkey *k;
int retval = SSH_ERR_INVALID_FORMAT; int retval = SSH_ERR_INVALID_FORMAT;
char *cp, *space; char *ep, *cp, *space;
int r, type, curve_nid = -1; int r, type, curve_nid = -1;
struct sshbuf *blob; struct sshbuf *blob;
#ifdef WITH_SSH1 #ifdef WITH_SSH1
char *ep;
u_long bits; u_long bits;
#endif /* WITH_SSH1 */ #endif /* WITH_SSH1 */
@ -1255,10 +1254,10 @@ sshkey_read(struct sshkey *ret, char **cpp)
return r; return r;
if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0) if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0)
return r; return r;
*cpp = ep;
/* validate the claimed number of bits */ /* validate the claimed number of bits */
if (BN_num_bits(ret->rsa->n) != (int)bits) if (BN_num_bits(ret->rsa->n) != (int)bits)
return SSH_ERR_KEY_BITS_MISMATCH; return SSH_ERR_KEY_BITS_MISMATCH;
*cpp = ep;
retval = 0; retval = 0;
#endif /* WITH_SSH1 */ #endif /* WITH_SSH1 */
break; break;
@ -1296,9 +1295,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
*space++ = '\0'; *space++ = '\0';
while (*space == ' ' || *space == '\t') while (*space == ' ' || *space == '\t')
space++; space++;
*cpp = space; ep = space;
} else } else
*cpp = cp + strlen(cp); ep = cp + strlen(cp);
if ((r = sshbuf_b64tod(blob, cp)) != 0) { if ((r = sshbuf_b64tod(blob, cp)) != 0) {
sshbuf_free(blob); sshbuf_free(blob);
return r; return r;
@ -1329,8 +1328,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
ret->cert = k->cert; ret->cert = k->cert;
k->cert = NULL; k->cert = NULL;
} }
switch (sshkey_type_plain(ret->type)) {
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
if (sshkey_type_plain(ret->type) == KEY_RSA) { case KEY_RSA:
if (ret->rsa != NULL) if (ret->rsa != NULL)
RSA_free(ret->rsa); RSA_free(ret->rsa);
ret->rsa = k->rsa; ret->rsa = k->rsa;
@ -1338,8 +1338,8 @@ sshkey_read(struct sshkey *ret, char **cpp)
#ifdef DEBUG_PK #ifdef DEBUG_PK
RSA_print_fp(stderr, ret->rsa, 8); RSA_print_fp(stderr, ret->rsa, 8);
#endif #endif
} break;
if (sshkey_type_plain(ret->type) == KEY_DSA) { case KEY_DSA:
if (ret->dsa != NULL) if (ret->dsa != NULL)
DSA_free(ret->dsa); DSA_free(ret->dsa);
ret->dsa = k->dsa; ret->dsa = k->dsa;
@ -1347,9 +1347,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
#ifdef DEBUG_PK #ifdef DEBUG_PK
DSA_print_fp(stderr, ret->dsa, 8); DSA_print_fp(stderr, ret->dsa, 8);
#endif #endif
} break;
# ifdef OPENSSL_HAS_ECC # ifdef OPENSSL_HAS_ECC
if (sshkey_type_plain(ret->type) == KEY_ECDSA) { case KEY_ECDSA:
if (ret->ecdsa != NULL) if (ret->ecdsa != NULL)
EC_KEY_free(ret->ecdsa); EC_KEY_free(ret->ecdsa);
ret->ecdsa = k->ecdsa; ret->ecdsa = k->ecdsa;
@ -1359,17 +1359,19 @@ sshkey_read(struct sshkey *ret, char **cpp)
#ifdef DEBUG_PK #ifdef DEBUG_PK
sshkey_dump_ec_key(ret->ecdsa); sshkey_dump_ec_key(ret->ecdsa);
#endif #endif
} break;
# endif /* OPENSSL_HAS_ECC */ # endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */ #endif /* WITH_OPENSSL */
if (sshkey_type_plain(ret->type) == KEY_ED25519) { case KEY_ED25519:
free(ret->ed25519_pk); free(ret->ed25519_pk);
ret->ed25519_pk = k->ed25519_pk; ret->ed25519_pk = k->ed25519_pk;
k->ed25519_pk = NULL; k->ed25519_pk = NULL;
#ifdef DEBUG_PK #ifdef DEBUG_PK
/* XXX */ /* XXX */
#endif #endif
break;
} }
*cpp = ep;
retval = 0; retval = 0;
/*XXXX*/ /*XXXX*/
sshkey_free(k); sshkey_free(k);