diff options
author | Jon Simons <jon@jonsimons.org> | 2014-02-10 13:07:23 -0800 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2014-03-27 11:14:25 +0100 |
commit | 8e698382dbe7d2d3332163314a81f91438ac86a4 (patch) | |
tree | 97250e3dcd26ecc168ac1999349ff2529079b353 | |
parent | ce10d4032532cab93e81b32e82b9984c2b5d9207 (diff) | |
download | libssh-8e698382dbe7d2d3332163314a81f91438ac86a4.tar.gz libssh-8e698382dbe7d2d3332163314a81f91438ac86a4.tar.xz libssh-8e698382dbe7d2d3332163314a81f91438ac86a4.zip |
pki_crypto: guard against NULL pubkey->rsa in signature extraction
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 10bc5ac203a428699508293f91faa460358ca6dc)
-rw-r--r-- | src/pki_crypto.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 3f594914..1a9aa3ef 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -1233,9 +1233,15 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, char *blob_padded_data; ssh_string sig_blob_padded; + size_t rsalen = 0; size_t len = ssh_string_len(sig_blob); - size_t rsalen= RSA_size(pubkey->rsa); + if (pubkey->rsa == NULL) { + ssh_pki_log("Pubkey RSA field NULL"); + goto errout; + } + + rsalen = RSA_size(pubkey->rsa); if (len > rsalen) { ssh_pki_log("Signature is too big: %lu > %lu", (unsigned long)len, (unsigned long)rsalen); |