When choosing a prime from the moduli file, avoid re-using the

linenum variable for something that is not a line number to avoid
the confusion that resulted in the bug in rev. 1.64.  This also
lets us pass the actual linenum to parse_prime() so the error
messages include the correct line number.  OK markus@ some time ago.

1 files changed, 8 insertions, 6 deletions

diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index 7e2df7567b7..c775e8a3fc5 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.67 2018/09/13 02:08:33 djm Exp $ */
+/* $OpenBSD: dh.c,v 1.68 2018/09/17 15:40:14 millert Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *
@@ -182,15 +182,17 @@ choose_dh(int min, int wantbits, int max)
 		logit("WARNING: no suitable primes in %s", _PATH_DH_MODULI);
 		return (dh_new_group_fallback(max));
 	}
+	which = arc4random_uniform(bestcount);
 
 	linenum = 0;
-	which = arc4random_uniform(bestcount);
+	bestcount = 0;
 	while (getline(&line, &linesize, f) != -1) {
+		linenum++;
 		if (!parse_prime(linenum, line, &dhg))
 			continue;
 		if ((dhg.size > max || dhg.size < min) ||
 		    dhg.size != best ||
-		    linenum++ != which) {
+		    bestcount++ != which) {
 			BN_clear_free(dhg.g);
 			BN_clear_free(dhg.p);
 			continue;
@@ -200,9 +202,9 @@ choose_dh(int min, int wantbits, int max)
 	free(line);
 	line = NULL;
 	fclose(f);
-	if (linenum != which+1) {
-		logit("WARNING: line %d disappeared in %s, giving up",
-		    which, _PATH_DH_MODULI);
+	if (bestcount != which + 1) {
+		logit("WARNING: selected prime disappeared in %s, giving up",
+		    _PATH_DH_MODULI);
 		return (dh_new_group_fallback(max));
 	}