diff options
| author | Damien Miller <djm@mindrot.org> | 2014-07-02 12:48:04 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-07-02 12:48:04 +1000 |
| commit | 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898 (patch) | |
| tree | a76db48e1a5b8b56f6554ffe519d0d7e1e344104 | |
| parent | 84a89161a9629239b64171ef3e22ef6a3e462d51 (diff) | |
- naddy@cvs.openbsd.org 2014/06/18 15:42:09
[sshbuf-getput-crypto.c]
The ssh_get_bignum functions must accept the same range of bignums
the corresponding ssh_put_bignum functions create. This fixes the
use of 16384-bit RSA keys (bug reported by Eivind Evensen).
ok djm@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | sshbuf-getput-crypto.c | 10 |
2 files changed, 12 insertions, 4 deletions
@@ -11,6 +11,12 @@ sandbox. ok djm + - naddy@cvs.openbsd.org 2014/06/18 15:42:09 + [sshbuf-getput-crypto.c] + The ssh_get_bignum functions must accept the same range of bignums + the corresponding ssh_put_bignum functions create. This fixes the + use of 16384-bit RSA keys (bug reported by Eivind Evensen). + ok djm@ 20140618 - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index ca1c7ec6..cfe6f796 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-crypto.c,v 1.1 2014/04/30 05:29:56 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-crypto.c,v 1.2 2014/06/18 15:42:09 naddy Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -38,10 +38,12 @@ sshbuf_get_bignum2(struct sshbuf *buf, BIGNUM *v) if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) return r; - /* Refuse negative (MSB set) and overlong bignums */ + /* Refuse negative (MSB set) bignums */ if ((len != 0 && (*d & 0x80) != 0)) return SSH_ERR_BIGNUM_IS_NEGATIVE; - if (len > SSHBUF_MAX_BIGNUM) + /* Refuse overlong bignums, allow prepended \0 to avoid MSB set */ + if (len > SSHBUF_MAX_BIGNUM + 1 || + (len == SSHBUF_MAX_BIGNUM + 1 && *d != 0)) return SSH_ERR_BIGNUM_TOO_LARGE; if (v != NULL && BN_bin2bn(d, len, v) == NULL) return SSH_ERR_ALLOC_FAIL; @@ -67,7 +69,7 @@ sshbuf_get_bignum1(struct sshbuf *buf, BIGNUM *v) return SSH_ERR_MESSAGE_INCOMPLETE; len_bits = PEEK_U16(d); len_bytes = (len_bits + 7) >> 3; - if (len_bytes > SSHBUF_MAX_BIGNUM + 1) + if (len_bytes > SSHBUF_MAX_BIGNUM) return SSH_ERR_BIGNUM_TOO_LARGE; if (sshbuf_len(buf) < 2 + len_bytes) return SSH_ERR_MESSAGE_INCOMPLETE; |