nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-04-15 01:58:05 -05:00
Code Issues Projects Releases Wiki Activity

cmdgen: add missing null pointer check in --dump mode.

Browse Source 
A user pointed out that once we've identified the key algorithm from
an apparent public-key blob, we call ssh_key_new_pub on the blob data
and assume it will succeed. But there are plenty of ways it could
still fail, and ssh_key_new_pub could return NULL.

(cherry picked from commit 0c21eb444794512ba1106d4a3bc3380861566099)
This commit is contained in:
Simon Tatham 2021-05-19 10:42:42 +01:00
parent 11b89407f5
commit 27a04d96a3
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmdgen.c
View File

@ -1283,6 +1283,10 @@ int main(int argc, char **argv)
}
ssh_key *sk = ssh_key_new_pub(
alg, ptrlen_from_strbuf(ssh2blob));
if (!sk) {
fprintf(stderr, "puttygen: unable to decode public key\n");
RETURN(1);
}
kc = ssh_key_components(sk);
ssh_key_free(sk);
}