Add another missing bounds check in the SSH-1 private key loader.

[originally from svn r9904]
2025-04-09 15:18:06 -05:00 · 2013-07-11 17:24:01 +00:00 · 2013-07-11 17:24:01 +00:00 · 1dbdd2c43f
commit 1dbdd2c43f
parent bc2076185e
1 changed files with 1 additions and 1 deletions
--- a/sshpubk.c
+++ b/sshpubk.c
@ -74,7 +74,7 @@ static int loadrsakey_main(FILE * fp, struct RSAKey *key, int pub_only,
    /* Next, the comment field. */
    j = GET_32BIT(buf + i);
    i += 4;
-    if (len - i < j)
+    if (j < 0 || len - i < j)
 	goto end;
    comment = snewn(j + 1, char);
    if (comment) {