From b69ded7105ae48d5c476230f7b43cd5d745b5182 Mon Sep 17 00:00:00 2001 From: Markus Friedl Date: Sat, 23 Feb 2002 17:59:03 +0000 Subject: don't allow garbage after payload. --- usr.bin/ssh/kex.c | 3 ++- usr.bin/ssh/kexdh.c | 3 ++- usr.bin/ssh/kexgex.c | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index e9f944b05ba..e91b2ee35cd 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.45 2002/02/14 23:41:01 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.46 2002/02/23 17:59:02 markus Exp $"); #include @@ -132,6 +132,7 @@ kex_finish(Kex *kex) debug("waiting for SSH2_MSG_NEWKEYS"); packet_read_expect(SSH2_MSG_NEWKEYS); + packet_check_eom(); debug("SSH2_MSG_NEWKEYS received"); kex->done = 1; diff --git a/usr.bin/ssh/kexdh.c b/usr.bin/ssh/kexdh.c index f87d5295211..2049d6e1b26 100644 --- a/usr.bin/ssh/kexdh.c +++ b/usr.bin/ssh/kexdh.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.14 2002/01/31 13:35:11 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.15 2002/02/23 17:59:02 markus Exp $"); #include #include @@ -220,6 +220,7 @@ kexdh_server(Kex *kex) if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); diff --git a/usr.bin/ssh/kexgex.c b/usr.bin/ssh/kexgex.c index dc2fa672393..ac377aafccb 100644 --- a/usr.bin/ssh/kexgex.c +++ b/usr.bin/ssh/kexgex.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.17 2002/01/31 13:35:11 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.18 2002/02/23 17:59:02 markus Exp $"); #include @@ -319,6 +319,7 @@ kexgex_server(Kex *kex) if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); -- cgit v1.2.3