From 35a4283615ab07ab122feabd0444c86f0ab495ca Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Mon, 15 Oct 2018 18:53:25 +0100 Subject: [PATCH] Loosen the validity check in get_mp_ssh1. The SSH-1 spec says that it's legitimate to write an mp-int in which the prefixed uint16 bit count is greater than the minimum number of bits required to represent the number. I was enforcing that they had to be actually equal, on pain of a BinarySource decoding error. --- sshbn.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sshbn.c b/sshbn.c index 9c36f531..17293762 100644 --- a/sshbn.c +++ b/sshbn.c @@ -1588,7 +1588,9 @@ Bignum BinarySource_get_mp_ssh1(BinarySource *src) return bignum_from_long(0); } else { Bignum toret = bignum_from_bytes(bytes.ptr, bytes.len); - if (bignum_bitcount(toret) != bitc) { + /* SSH-1.5 spec says that it's OK for the prefix uint16 to be + * _greater_ than the actual number of bits */ + if (bignum_bitcount(toret) > bitc) { src->err = BSE_INVALID; freebn(toret); toret = bignum_from_long(0);