ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-04-23 07:34:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add length checks for ecc too

Browse Source
This commit is contained in:
Matt Johnston 2016-07-12 23:28:42 +08:00
parent 3ee9656250
commit 5127943673
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
keyimport.c
View File

@ -273,6 +273,11 @@ static int ber_read_id_len(void *source, int sourcelen,
p++, sourcelen--; p++, sourcelen--;
} }
if (*length < 0) {
printf("Negative ASN.1 length\n");
return -1;
}
return p - (unsigned char *) source; return p - (unsigned char *) source;
} }
@ -587,7 +592,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
p += ret; p += ret;
if (ret < 0 || id != 16 || len < 0 || if (ret < 0 || id != 16 || len < 0 ||
key->keyblob+key->keyblob_len-p < len) { key->keyblob+key->keyblob_len-p < len) {
errmsg = "ASN.1 decoding failure - wrong password?"; errmsg = "ASN.1 decoding failure";
goto error; goto error;
} }
@ -687,7 +692,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
&id, &len, &flags); &id, &len, &flags);
p += ret; p += ret;
/* id==4 for octet string */ /* id==4 for octet string */
if (ret < 0 || id != 4 || if (ret < 0 || id != 4 || len < 0 ||
key->keyblob+key->keyblob_len-p < len) { key->keyblob+key->keyblob_len-p < len) {
errmsg = "ASN.1 decoding failure"; errmsg = "ASN.1 decoding failure";
goto error; goto error;
@ -701,7 +706,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
&id, &len, &flags); &id, &len, &flags);
p += ret; p += ret;
/* id==0 */ /* id==0 */
if (ret < 0 || id != 0) { if (ret < 0 || id != 0 || len < 0) {
errmsg = "ASN.1 decoding failure"; errmsg = "ASN.1 decoding failure";
goto error; goto error;
} }
@ -710,7 +715,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
&id, &len, &flags); &id, &len, &flags);
p += ret; p += ret;
/* id==6 for object */ /* id==6 for object */
if (ret < 0 || id != 6 || if (ret < 0 || id != 6 || len < 0 ||
key->keyblob+key->keyblob_len-p < len) { key->keyblob+key->keyblob_len-p < len) {
errmsg = "ASN.1 decoding failure"; errmsg = "ASN.1 decoding failure";
goto error; goto error;
@ -749,7 +754,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
&id, &len, &flags); &id, &len, &flags);
p += ret; p += ret;
/* id==1 */ /* id==1 */
if (ret < 0 || id != 1) { if (ret < 0 || id != 1 || len < 0) {
errmsg = "ASN.1 decoding failure"; errmsg = "ASN.1 decoding failure";
goto error; goto error;
} }
@ -758,7 +763,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
&id, &len, &flags); &id, &len, &flags);
p += ret; p += ret;
/* id==3 for bit string */ /* id==3 for bit string */
if (ret < 0 || id != 3 || if (ret < 0 || id != 3 || len < 0 ||
key->keyblob+key->keyblob_len-p < len) { key->keyblob+key->keyblob_len-p < len) {
errmsg = "ASN.1 decoding failure"; errmsg = "ASN.1 decoding failure";
goto error; goto error;