upstream: Slot 0 in the hostbased key array was previously RSA1,

but that is now gone and the slot is unused so remove it.  Remove two
now-unused macros, and add an array bounds check to the two remaining ones
(array is statically sized, so mostly a safety check on future changes). ok
markus@

OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
This commit is contained in:
dtucker@openbsd.org 2018-07-16 22:25:01 +00:00 committed by Damien Miller
parent 26efc2f5df
commit ac590760b2
1 changed files with 22 additions and 22 deletions

44
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.485 2018/07/16 11:05:41 dtucker Exp $ */ /* $OpenBSD: ssh.c,v 1.486 2018/07/16 22:25:01 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1418,34 +1418,34 @@ main(int ac, char **av)
sensitive_data.nkeys = 0; sensitive_data.nkeys = 0;
sensitive_data.keys = NULL; sensitive_data.keys = NULL;
if (options.hostbased_authentication) { if (options.hostbased_authentication) {
sensitive_data.nkeys = 11; sensitive_data.nkeys = 10;
sensitive_data.keys = xcalloc(sensitive_data.nkeys, sensitive_data.keys = xcalloc(sensitive_data.nkeys,
sizeof(struct sshkey)); sizeof(struct sshkey));
/* XXX check errors? */ /* XXX check errors? */
#define L_KEY(t,p,o) \ #define L_PUBKEY(p,o) do { \
check_load(sshkey_load_private_type(t, p, "", \ if ((o) >= sensitive_data.nkeys) \
&(sensitive_data.keys[o]), NULL, NULL), p, "key") fatal("%s pubkey out of array bounds", __func__); \
#define L_KEYCERT(t,p,o) \
check_load(sshkey_load_private_cert(t, p, "", \
&(sensitive_data.keys[o]), NULL), p, "cert and key")
#define L_PUBKEY(p,o) \
check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \ check_load(sshkey_load_public(p, &(sensitive_data.keys[o]), NULL), \
p, "pubkey") p, "pubkey"); \
#define L_CERT(p,o) \ } while (0)
check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert") #define L_CERT(p,o) do { \
if ((o) >= sensitive_data.nkeys) \
fatal("%s cert out of array bounds", __func__); \
check_load(sshkey_load_cert(p, &(sensitive_data.keys[o])), p, "cert"); \
} while (0)
if (options.hostbased_authentication == 1) { if (options.hostbased_authentication == 1) {
L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 1); L_CERT(_PATH_HOST_ECDSA_KEY_FILE, 0);
L_CERT(_PATH_HOST_ED25519_KEY_FILE, 2); L_CERT(_PATH_HOST_ED25519_KEY_FILE, 1);
L_CERT(_PATH_HOST_RSA_KEY_FILE, 3); L_CERT(_PATH_HOST_RSA_KEY_FILE, 2);
L_CERT(_PATH_HOST_DSA_KEY_FILE, 4); L_CERT(_PATH_HOST_DSA_KEY_FILE, 3);
L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 5); L_PUBKEY(_PATH_HOST_ECDSA_KEY_FILE, 4);
L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 6); L_PUBKEY(_PATH_HOST_ED25519_KEY_FILE, 5);
L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 7); L_PUBKEY(_PATH_HOST_RSA_KEY_FILE, 6);
L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 8); L_PUBKEY(_PATH_HOST_DSA_KEY_FILE, 7);
L_CERT(_PATH_HOST_XMSS_KEY_FILE, 9); L_CERT(_PATH_HOST_XMSS_KEY_FILE, 8);
L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 10); L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9);
} }
} }
/* /*