ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 10:57:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

don't allow null characters in authorized_keys

Browse Source
This commit is contained in:
Matt Johnston 2018-03-07 22:16:21 +08:00
parent ed4c38ba46
commit 27828c742c
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
svr-authpubkey.c
View File

@ -201,7 +201,12 @@ static int checkpubkey_line(buffer* line, int line_num, const char* filename,
if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
TRACE(("checkpubkey_line: bad line length %d", line->len))
return DROPBEAR_FAILURE;
goto out;
}
if (memchr(line->data, 0x0, line->len) != NULL) {
TRACE(("checkpubkey_line: bad line has null char"))
goto out;
}
/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */