From 0c21eb444794512ba1106d4a3bc3380861566099 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Wed, 19 May 2021 10:42:42 +0100
Subject: [PATCH] cmdgen: add missing null pointer check in --dump mode.

A user pointed out that once we've identified the key algorithm from
an apparent public-key blob, we call ssh_key_new_pub on the blob data
and assume it will succeed. But there are plenty of ways it could
still fail, and ssh_key_new_pub could return NULL.
---
 cmdgen.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cmdgen.c b/cmdgen.c
index 3301b410..be40fe1d 100644
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -1283,6 +1283,10 @@ int main(int argc, char **argv)
                 }
                 ssh_key *sk = ssh_key_new_pub(
                     alg, ptrlen_from_strbuf(ssh2blob));
+                if (!sk) {
+                    fprintf(stderr, "puttygen: unable to decode public key\n");
+                    RETURN(1);
+                }
                 kc = ssh_key_components(sk);
                 ssh_key_free(sk);
             }