diff options
author | Andreas Schneider <mail@cynapses.org> | 2009-04-01 10:23:52 +0000 |
---|---|---|
committer | Andreas Schneider <mail@cynapses.org> | 2009-04-01 10:23:52 +0000 |
commit | 10afd9818cdf1fda8b19bae69dd2c8973dbbf606 (patch) | |
tree | 4696d78283035be142da90263ffd43a899f49970 /libssh/packet.c | |
parent | 186667724a70dc146ac92e03ab4eb3eb2cee222d (diff) | |
download | libssh-10afd9818cdf1fda8b19bae69dd2c8973dbbf606.tar.gz libssh-10afd9818cdf1fda8b19bae69dd2c8973dbbf606.tar.xz libssh-10afd9818cdf1fda8b19bae69dd2c8973dbbf606.zip |
Check for memory allocation errors.
git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@316 7dcaeef0-15fb-0310-b436-a5af3365683c
Diffstat (limited to 'libssh/packet.c')
-rw-r--r-- | libssh/packet.c | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/libssh/packet.c b/libssh/packet.c index 340d16c..6043e8d 100644 --- a/libssh/packet.c +++ b/libssh/packet.c @@ -111,8 +111,13 @@ static int packet_read2(SSH_SESSION *session){ } if(session->current_crypto){ /* decrypt the rest of the packet (blocksize bytes already have been decrypted */ - packet_decrypt(session,buffer_get(session->in_buffer)+blocksize, - buffer_get_len(session->in_buffer)-blocksize); + if (packet_decrypt(session, + buffer_get(session->in_buffer) + blocksize, + buffer_get_len(session->in_buffer) - blocksize) < 0) { + ssh_set_error(session, SSH_FATAL, "Decrypt error"); + leave_function(); + return SSH_ERROR; + } ssh_socket_read(session->socket,mac,macsize); if(packet_hmac_verify(session,session->in_buffer,mac)){ ssh_set_error(session,SSH_FATAL,"HMAC error"); @@ -216,11 +221,17 @@ static int packet_read1(SSH_SESSION *session){ ssh_print_hexa("read packet:",buffer_get(session->in_buffer), buffer_get_len(session->in_buffer)); #endif - if(session->current_crypto){ - /* we decrypt everything, missing the lenght part (which was previously - * read, unencrypted, and is not part of the buffer - */ - packet_decrypt(session,buffer_get(session->in_buffer),buffer_get_len(session->in_buffer)); + if (session->current_crypto) { + /* we decrypt everything, missing the lenght part (which was + * previously read, unencrypted, and is not part of the buffer + */ + if (packet_decrypt(session, + buffer_get(session->in_buffer), + buffer_get_len(session->in_buffer)) < 0) { + ssh_set_error(session, SSH_FATAL, "Packet decrypt error"); + leave_function(); + return SSH_ERROR; + } } #ifdef DEBUG_CRYPTO ssh_print_hexa("read packet decrypted:", |