summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--key.c38
2 files changed, 32 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index f991fe7e..00947004 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -58,6 +58,10 @@
[bufaux.c bufaux.h buffer.c buffer.h]
introduce a new buffer API that returns an error rather than fatal()ing
when presented with bad data; ok markus@
+ - djm@cvs.openbsd.org 2004/10/29 23:57:05
+ [key.c]
+ use new buffer API to avoid fatal errors on corrupt keys in authorized_keys
+ files; ok markus@
20041102
- (dtucker) [configure.ac includes.h] Bug #947: Fix compile error on HP-UX
@@ -1837,4 +1841,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3577 2004/11/05 09:41:24 dtucker Exp $
+$Id: ChangeLog,v 1.3578 2004/11/05 09:42:28 dtucker Exp $
diff --git a/key.c b/key.c
index 21b0869d..e4193046 100644
--- a/key.c
+++ b/key.c
@@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.56 2004/07/28 09:40:29 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.57 2004/10/29 23:57:05 djm Exp $");
#include <openssl/evp.h>
@@ -681,8 +681,8 @@ Key *
key_from_blob(const u_char *blob, u_int blen)
{
Buffer b;
- char *ktype;
int rlen, type;
+ char *ktype = NULL;
Key *key = NULL;
#ifdef DEBUG_PK
@@ -690,24 +690,38 @@ key_from_blob(const u_char *blob, u_int blen)
#endif
buffer_init(&b);
buffer_append(&b, blob, blen);
- ktype = buffer_get_string(&b, NULL);
+ if ((ktype = buffer_get_string_ret(&b, NULL)) == NULL) {
+ error("key_from_blob: can't read key type");
+ goto out;
+ }
+
type = key_type_from_name(ktype);
switch (type) {
case KEY_RSA:
key = key_new(type);
- buffer_get_bignum2(&b, key->rsa->e);
- buffer_get_bignum2(&b, key->rsa->n);
+ if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 ||
+ buffer_get_bignum2_ret(&b, key->rsa->n) == -1) {
+ error("key_from_blob: can't read rsa key");
+ key_free(key);
+ key = NULL;
+ goto out;
+ }
#ifdef DEBUG_PK
RSA_print_fp(stderr, key->rsa, 8);
#endif
break;
case KEY_DSA:
key = key_new(type);
- buffer_get_bignum2(&b, key->dsa->p);
- buffer_get_bignum2(&b, key->dsa->q);
- buffer_get_bignum2(&b, key->dsa->g);
- buffer_get_bignum2(&b, key->dsa->pub_key);
+ if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 ||
+ buffer_get_bignum2_ret(&b, key->dsa->q) == -1 ||
+ buffer_get_bignum2_ret(&b, key->dsa->g) == -1 ||
+ buffer_get_bignum2_ret(&b, key->dsa->pub_key) == -1) {
+ error("key_from_blob: can't read dsa key");
+ key_free(key);
+ key = NULL;
+ goto out;
+ }
#ifdef DEBUG_PK
DSA_print_fp(stderr, key->dsa, 8);
#endif
@@ -717,12 +731,14 @@ key_from_blob(const u_char *blob, u_int blen)
break;
default:
error("key_from_blob: cannot handle type %s", ktype);
- break;
+ goto out;
}
rlen = buffer_len(&b);
if (key != NULL && rlen != 0)
error("key_from_blob: remaining bytes in key blob %d", rlen);
- xfree(ktype);
+ out:
+ if (ktype != NULL)
+ xfree(ktype);
buffer_free(&b);
return key;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 04:45:32 +0000