Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist CID-1128381: Avoid use afte...
details: https://anonhg.NetBSD.org/src/rev/8620754da179
branches: trunk
changeset: 791277:8620754da179
user: christos <christos%NetBSD.org@localhost>
date: Mon Nov 11 16:32:10 2013 +0000
description:
CID-1128381: Avoid use after free
diffstat:
crypto/external/bsd/openssh/dist/key.c | 6 ++++--
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 7 ++++---
2 files changed, 8 insertions(+), 5 deletions(-)
diffs (55 lines):
diff -r 7c132584d321 -r 8620754da179 crypto/external/bsd/openssh/dist/key.c
--- a/crypto/external/bsd/openssh/dist/key.c Mon Nov 11 15:53:56 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/key.c Mon Nov 11 16:32:10 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.13 2013/11/08 19:18:25 christos Exp $ */
+/* $NetBSD: key.c,v 1.14 2013/11/11 16:32:10 christos Exp $ */
/* $OpenBSD: key.c,v 1.104 2013/05/19 02:42:42 djm Exp $ */
/*
* read_bignum():
@@ -36,7 +36,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: key.c,v 1.13 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: key.c,v 1.14 2013/11/11 16:32:10 christos Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -1512,6 +1512,8 @@
Buffer b;
int len, type;
+ if (blobp)
+ *blobp = NULL;
if (key == NULL) {
error("key_to_blob: key == NULL");
return 0;
diff -r 7c132584d321 -r 8620754da179 crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c
--- a/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c Mon Nov 11 15:53:56 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c Mon Nov 11 16:32:10 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ssh-pkcs11-helper.c,v 1.5 2013/11/08 19:18:25 christos Exp $ */
+/* $NetBSD: ssh-pkcs11-helper.c,v 1.6 2013/11/11 16:32:10 christos Exp $ */
/* $OpenBSD: ssh-pkcs11-helper.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */
/*
* Copyright (c) 2010 Markus Friedl. All rights reserved.
@@ -16,7 +16,7 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include "includes.h"
-__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.5 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.6 2013/11/11 16:32:10 christos Exp $");
#include <sys/queue.h>
#include <sys/types.h>
@@ -124,7 +124,8 @@
buffer_put_char(&msg, SSH2_AGENT_IDENTITIES_ANSWER);
buffer_put_int(&msg, nkeys);
for (i = 0; i < nkeys; i++) {
- key_to_blob(keys[i], &blob, &blen);
+ if (key_to_blob(keys[i], &blob, &blen) == 0)
+ continue;
buffer_put_string(&msg, blob, blen);
buffer_put_cstring(&msg, name);
free(blob);
Home |
Main Index |
Thread Index |
Old Index