diff options
author | 2000-06-19 02:56:17 +0000 | |
---|---|---|
committer | 2000-06-19 02:56:17 +0000 | |
commit | 566899d0c13993c9e035128ea0ed7b60f3f053ae (patch) | |
tree | ead30dd2852d328b8c4793ca078071831e76d958 /usr.bin/ssh/dsa.c | |
parent | oops, add macbuf to the queue structure (diff) | |
download | wireguard-openbsd-566899d0c13993c9e035128ea0ed7b60f3f053ae.tar.xz wireguard-openbsd-566899d0c13993c9e035128ea0ed7b60f3f053ae.zip |
mem leak + be more paranoid in dsa_verify.
Diffstat (limited to 'usr.bin/ssh/dsa.c')
-rw-r--r-- | usr.bin/ssh/dsa.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/usr.bin/ssh/dsa.c b/usr.bin/ssh/dsa.c index 51d7ff28524..70d53fbb567 100644 --- a/usr.bin/ssh/dsa.c +++ b/usr.bin/ssh/dsa.c @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$Id: dsa.c,v 1.7 2000/05/08 17:42:24 markus Exp $"); +RCSID("$Id: dsa.c,v 1.8 2000/06/19 02:56:17 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -72,7 +72,7 @@ dsa_key_from_blob( buffer_append(&b, blob, blen); ktype = buffer_get_string(&b, NULL); if (strcmp(KEX_DSS, ktype) != 0) { - error("dsa_key_from_blob: cannot handle type %s", ktype); + error("dsa_key_from_blob: cannot handle type %s", ktype); key_free(key); return NULL; } @@ -197,7 +197,6 @@ dsa_verify( DSA_SIG *sig; EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; - char *ktype; unsigned char *sigblob; char *txt; unsigned int len; @@ -227,14 +226,24 @@ dsa_verify( len = signaturelen; } else { /* ietf-drafts */ + char *ktype; buffer_init(&b); buffer_append(&b, (char *) signature, signaturelen); ktype = buffer_get_string(&b, NULL); + if (strcmp(KEX_DSS, ktype) != 0) { + error("dsa_verify: cannot handle type %s", ktype); + buffer_free(&b); + return -1; + } sigblob = (unsigned char *)buffer_get_string(&b, &len); rlen = buffer_len(&b); - if(rlen != 0) + if(rlen != 0) { error("remaining bytes in signature %d", rlen); + buffer_free(&b); + return -1; + } buffer_free(&b); + xfree(ktype); } if (len != SIGBLOB_LEN) { |