1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00

Tighten up a comparison in ssh2_userauth_add_sigblob.

If a malicious SSH agent were to send an RSA signature blob _longer_
than the key modulus while BUG_SSH2_RSA_PADDING was enabled, then it
could DoS the client, because the put_padding call would keep
allocating memory in 'strbuf *substr' until address space ran out.
This commit is contained in:
Simon Tatham 2019-10-14 19:58:59 +01:00
parent f955300576
commit 4510a622ea

View File

@ -1788,7 +1788,7 @@ static void ssh2_userauth_add_sigblob(
/* debug("modulus length is %d\n", len); */ /* debug("modulus length is %d\n", len); */
/* debug("signature length is %d\n", siglen); */ /* debug("signature length is %d\n", siglen); */
if (mod_mp.len != sig_mp.len) { if (mod_mp.len > sig_mp.len) {
strbuf *substr = strbuf_new(); strbuf *substr = strbuf_new();
put_data(substr, sigblob.ptr, sig_prefix_len); put_data(substr, sigblob.ptr, sig_prefix_len);
put_uint32(substr, mod_mp.len); put_uint32(substr, mod_mp.len);