diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2020-05-01 04:23:12 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2020-05-01 04:23:12 +0000 |
| commit | a260bf7a5f39743fdab21abe22d2e6040c0b4f5c (patch) | |
| tree | 69a4f8a858ac6b871a3bbfe0e091ae4ac6b42f03 /usr.bin | |
| parent | f8964d5f7331f49e3b0acd2ec9485a7aa3da480c (diff) | |
avoid NULL dereference when attempting to convert invalid ssh.com
private keys using "ssh-keygen -i"; spotted by Michael Forney
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/ssh-keygen.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 526b57f2aef..38f877a5e18 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.407 2020/04/20 04:43:57 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.408 2020/05/01 04:23:11 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -653,9 +653,10 @@ do_convert_from_ssh2(struct passwd *pw, struct sshkey **k, int *private) encoded[len-3] = '\0'; if ((r = sshbuf_b64tod(buf, encoded)) != 0) fatal("%s: base64 decoding failed: %s", __func__, ssh_err(r)); - if (*private) - *k = do_convert_private_ssh2(buf); - else if ((r = sshkey_fromb(buf, k)) != 0) + if (*private) { + if ((*k = do_convert_private_ssh2(buf)) == NULL) + fatal("%s: private key conversion failed", __func__); + } else if ((r = sshkey_fromb(buf, k)) != 0) fatal("decode blob failed: %s", ssh_err(r)); sshbuf_free(buf); fclose(fp); |