ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-01-31 10:57:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

limit input size

Browse Source
This commit is contained in:
Matt Johnston 2017-05-25 22:21:23 +08:00
parent fb4e07f7a8
commit 72f85ad90f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
svr-authpubkey.c
View File

@ -195,9 +195,9 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename,
unsigned int pos, len;
int ret = DROPBEAR_FAILURE;
if (line->len < MIN_AUTHKEYS_LINE) {
TRACE(("checkpubkey: line too short"))
return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */
if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) {
TRACE(("checkpubkey: bad line length %d", line->len))
return DROPBEAR_FAILURE;
}
/* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */