From 891539af6cbdbdfabb8d37fb491f7f8cadf9823c Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 1 Apr 2009 21:24:16 +0000 Subject: Add memory error checks for crypto wrapper functions. git-svn-id: svn+ssh://svn.berlios.de/svnroot/repos/libssh/trunk@330 7dcaeef0-15fb-0310-b436-a5af3365683c --- libssh/crypt.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'libssh/crypt.c') diff --git a/libssh/crypt.c b/libssh/crypt.c index 75c22df..9d8fa0f 100644 --- a/libssh/crypt.c +++ b/libssh/crypt.c @@ -90,7 +90,10 @@ unsigned char * packet_encrypt(SSH_SESSION *session,void *data,u32 len){ #endif out=malloc(len); if(session->version==2){ - ctx=hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1); + ctx = hmac_init(session->current_crypto->encryptMAC,20,HMAC_SHA1); + if (ctx == NULL) { + return NULL; + } hmac_update(ctx,(unsigned char *)&seq,sizeof(u32)); hmac_update(ctx,data,len); hmac_final(ctx,session->current_crypto->hmacbuf,&finallen); @@ -115,12 +118,16 @@ unsigned char * packet_encrypt(SSH_SESSION *session,void *data,u32 len){ return NULL; } +/* TODO FIXME think about the return value isn't 0 enough and -1 on error */ int packet_hmac_verify(SSH_SESSION *session,BUFFER *buffer,unsigned char *mac){ HMACCTX ctx; unsigned char hmacbuf[EVP_MAX_MD_SIZE]; unsigned int len; u32 seq=htonl(session->recv_seq); ctx=hmac_init(session->current_crypto->decryptMAC,20,HMAC_SHA1); + if (ctx == NULL) { + return -1; + } hmac_update(ctx,(unsigned char *)&seq,sizeof(u32)); hmac_update(ctx,buffer_get(buffer),buffer_get_len(buffer)); hmac_final(ctx,hmacbuf,&len); -- cgit v1.2.3