diff options
author | Jon Simons <jon@jonsimons.org> | 2019-12-13 19:59:43 -0500 |
---|---|---|
committer | Jon Simons <jon@jonsimons.org> | 2019-12-13 20:00:37 -0500 |
commit | b94ecf18bd2bfe558586c461c092ad9d7cdea646 (patch) | |
tree | d0a88467aaf2f5acb07b6d6b676b17dca98d2697 | |
parent | d2a32ca6d3c40483a6d10340d3e11da9259e1379 (diff) | |
download | libssh-b94ecf18bd2bfe558586c461c092ad9d7cdea646.tar.gz libssh-b94ecf18bd2bfe558586c461c092ad9d7cdea646.tar.xz libssh-b94ecf18bd2bfe558586c461c092ad9d7cdea646.zip |
curve25519: fix uninitialized arg to EVP_PKEY_derive
Ensure that the `keylen` argument as provided to `EVP_PKEY_derive`
is initialized, otherwise depending on stack contents, the function
call may fail.
Fixes T205.
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
-rw-r--r-- | src/curve25519.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/curve25519.c b/src/curve25519.c index 7a274b69..1d482a71 100644 --- a/src/curve25519.c +++ b/src/curve25519.c @@ -179,7 +179,7 @@ static int ssh_curve25519_build_k(ssh_session session) #ifdef HAVE_OPENSSL_X25519 EVP_PKEY_CTX *pctx = NULL; EVP_PKEY *pkey = NULL, *pubkey = NULL; - size_t shared_key_len; + size_t shared_key_len = sizeof(k); int rc; pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_X25519, NULL, @@ -240,9 +240,7 @@ static int ssh_curve25519_build_k(ssh_session session) return SSH_ERROR; } - rc = EVP_PKEY_derive(pctx, - k, - &shared_key_len); + rc = EVP_PKEY_derive(pctx, k, &shared_key_len); if (rc != 1) { SSH_LOG(SSH_LOG_TRACE, "Failed to derive X25519 shared secret: %s", |