fix use-after-free in ssh-pkcs11; found by hshoexer w/AFL

author: markus <markus@openbsd.org> 2019-03-08 17:24:43 +0000
committer: markus <markus@openbsd.org> 2019-03-08 17:24:43 +0000
commit: 7b1c23727e0147e0db5fd49b42c912f6f4dbe594 (patch)
tree: 89ff1a35c58e71e2c3fc4a395725258479a5afdf /usr.bin/ssh/ssh-pkcs11.c
parent: the previous hkey version check was not accurate enough, so try the (diff)
download: wireguard-openbsd-7b1c23727e0147e0db5fd49b42c912f6f4dbe594.tar.xz
wireguard-openbsd-7b1c23727e0147e0db5fd49b42c912f6f4dbe594.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.bin/ssh/ssh-pkcs11.c b/usr.bin/ssh/ssh-pkcs11.c
index e3cd8e2c46e..2d52ae4e309 100644
--- a/usr.bin/ssh/ssh-pkcs11.c
+++ b/usr.bin/ssh/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.42 2019/02/04 23:37:54 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.43 2019/03/08 17:24:43 markus Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -1107,6 +1107,7 @@ pkcs11_fetch_certs(struct pkcs11_provider *p, CK_ULONG slotidx,
 			break;
 		default:
 			/* XXX print key type? */
+			key = NULL;
 			error("skipping unsupported certificate type");
 		}
 
@@ -1206,6 +1207,7 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,
 			break;
 		default:
 			/* XXX print key type? */
+			key = NULL;
 			error("skipping unsupported key type");
 		}
author	markus <markus@openbsd.org>	2019-03-08 17:24:43 +0000
committer	markus <markus@openbsd.org>	2019-03-08 17:24:43 +0000
commit	7b1c23727e0147e0db5fd49b42c912f6f4dbe594 (patch)
tree	89ff1a35c58e71e2c3fc4a395725258479a5afdf /usr.bin/ssh/ssh-pkcs11.c
parent	the previous hkey version check was not accurate enough, so try the (diff)
download	wireguard-openbsd-7b1c23727e0147e0db5fd49b42c912f6f4dbe594.tar.xz wireguard-openbsd-7b1c23727e0147e0db5fd49b42c912f6f4dbe594.zip