aboutsummaryrefslogtreecommitdiff
path: root/src/pki.c
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2020-02-12 09:44:17 +0100
committerAndreas Schneider <asn@cryptomilk.org>2020-02-12 09:44:17 +0100
commitf208e4b332e29871758524a370a97de4882549bc (patch)
tree104504e5b1915379b4028026008ac52e563c18f3 /src/pki.c
parent9fcb55930150df023ae4a02612168a89a67c8aa5 (diff)
downloadlibssh-f208e4b332e29871758524a370a97de4882549bc.tar.gz
libssh-f208e4b332e29871758524a370a97de4882549bc.tar.xz
libssh-f208e4b332e29871758524a370a97de4882549bc.zip
pki: Add missing return check for ssh_buffer_pack()
CID #1419376 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src/pki.c')
-rw-r--r--src/pki.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/src/pki.c b/src/pki.c
index a386b1f6..f3ad4a98 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -2468,10 +2468,16 @@ int ssh_pki_signature_verify(ssh_session session,
return SSH_ERROR;
}
- ssh_buffer_pack(sk_buffer, "PbdP",
- SHA256_DIGEST_LEN, application_hash,
- sig->sk_flags, sig->sk_counter,
- SHA256_DIGEST_LEN, input_hash);
+ rc = ssh_buffer_pack(sk_buffer, "PbdP",
+ SHA256_DIGEST_LEN, application_hash,
+ sig->sk_flags, sig->sk_counter,
+ SHA256_DIGEST_LEN, input_hash);
+ if (rc != SSH_OK) {
+ SSH_BUFFER_FREE(sk_buffer);
+ explicit_bzero(input_hash, SHA256_DIGEST_LEN);
+ explicit_bzero(application_hash, SHA256_DIGEST_LEN);
+ return SSH_ERROR;
+ }
rc = pki_verify_data_signature(sig, key, ssh_buffer_get(sk_buffer),
ssh_buffer_get_len(sk_buffer));