diff options
author | Andreas Schneider <asn@cryptomilk.org> | 2020-02-11 11:52:33 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2020-04-09 09:30:00 +0200 |
commit | 958afb1c6ad671fe2a8d671702a88843bb78fc38 (patch) | |
tree | 418ff3495151687ae980bc35ae2dcdbc292148a8 | |
parent | e510de0315a9b00832193266efbf0c5add1b71d8 (diff) | |
download | libssh-958afb1c6ad671fe2a8d671702a88843bb78fc38.tar.gz libssh-958afb1c6ad671fe2a8d671702a88843bb78fc38.tar.xz libssh-958afb1c6ad671fe2a8d671702a88843bb78fc38.zip |
CVE-2020-1730: Fix a possible segfault when zeroing AES-CTR key
Fixes T213
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
(cherry picked from commit b36272eac1b36982598c10de7af0a501582de07a)
-rw-r--r-- | src/libcrypto.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/libcrypto.c b/src/libcrypto.c index 9ef00cb7..eefc98dd 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -708,8 +708,12 @@ aes_ctr_encrypt(struct ssh_cipher_struct *cipher, } static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){ - explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key)); - SAFE_FREE(cipher->aes_key); + if (cipher != NULL) { + if (cipher->aes_key != NULL) { + explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key)); + } + SAFE_FREE(cipher->aes_key); + } } #endif /* HAVE_OPENSSL_EVP_AES_CTR */ |