From fb4e07f7a84068fccd4d42fb538d3123762ba50f Mon Sep 17 00:00:00 2001 From: Matt Johnston Date: Thu, 25 May 2017 00:10:18 +0800 Subject: [PATCH] don't exit encountering short lines --- svr-authpubkey.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/svr-authpubkey.c b/svr-authpubkey.c index 6612194..04d1b13 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -200,6 +200,10 @@ static int checkpubkey_line(buffer* line, int line_num, char* filename, return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */ } + /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */ + if (line->pos + algolen+3 > line->len) { + goto out; + } /* check the key type */ if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { int is_comment = 0;