aboutsummaryrefslogtreecommitdiff
path: root/src/pki.c
diff options
context:
space:
mode:
authorDirkjan Bussink <d.bussink@gmail.com>2020-12-10 14:01:32 +0000
committerAndreas Schneider <asn@cryptomilk.org>2020-12-11 13:32:02 +0100
commitdaeee74edd8ac25c1d246d40333e78518574eded (patch)
treee6646a06bcc8e4338d3a094bcd5af034fe8a0c1f /src/pki.c
parentf6a2f6190c2aa047d901547720ae6d1729e1e2c0 (diff)
downloadlibssh-daeee74edd8ac25c1d246d40333e78518574eded.tar.gz
libssh-daeee74edd8ac25c1d246d40333e78518574eded.tar.xz
libssh-daeee74edd8ac25c1d246d40333e78518574eded.zip
Add safety checks for all ssh_string_fill calls
These calls can fail and the return code should always be checked. These issues were identified when code review called it out on new code. The updates here are to existing code with no behavior changes to make review simpler. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src/pki.c')
-rw-r--r--src/pki.c17
1 files changed, 14 insertions, 3 deletions
diff --git a/src/pki.c b/src/pki.c
index 0d86fbcd..9248c9b3 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -2238,8 +2238,12 @@ int ssh_pki_export_signature_blob(const ssh_signature sig,
return SSH_ERROR;
}
- ssh_string_fill(str, ssh_buffer_get(buf), ssh_buffer_get_len(buf));
+ rc = ssh_string_fill(str, ssh_buffer_get(buf), ssh_buffer_get_len(buf));
SSH_BUFFER_FREE(buf);
+ if (rc < 0) {
+ SSH_STRING_FREE(str);
+ return SSH_ERROR;
+ }
*sig_blob = str;
@@ -2558,7 +2562,10 @@ ssh_string ssh_pki_do_sign(ssh_session session,
if (session_id == NULL) {
return NULL;
}
- ssh_string_fill(session_id, crypto->session_id, crypto->digest_len);
+ rc = ssh_string_fill(session_id, crypto->session_id, crypto->digest_len);
+ if (rc < 0) {
+ goto end;
+ }
/* Fill the input */
sign_input = ssh_buffer_new();
@@ -2619,7 +2626,11 @@ ssh_string ssh_pki_do_sign_agent(ssh_session session,
if (session_id == NULL) {
return NULL;
}
- ssh_string_fill(session_id, crypto->session_id, crypto->digest_len);
+ rc = ssh_string_fill(session_id, crypto->session_id, crypto->digest_len);
+ if (rc < 0) {
+ SSH_STRING_FREE(session_id);
+ return NULL;
+ }
sig_buf = ssh_buffer_new();
if (sig_buf == NULL) {