Add some missing bounds checks in signature verification routines.

[originally from svn r9978]
2025-07-12 00:33:53 -05:00 · 2013-08-02 06:27:56 +00:00
parent e01104f899
commit 6184e9f95d
2 changed files with 5 additions and 0 deletions
--- a/sshdss.c
+++ b/sshdss.c
@ -72,6 +72,9 @@ static Bignum get160(char **data, int *datalen)
 {
    Bignum b;

+    if (*datalen < 20)
+        return NULL;
+
    b = bignum_from_bytes((unsigned char *)*data, 20);
    *data += 20;
    *datalen -= 20;
--- a/sshrsa.c
+++ b/sshrsa.c
@ -842,6 +842,8 @@ static int rsa2_verifysig(void *key, char *sig, int siglen,
 	return 0;
    }
    in = getmp(&sig, &siglen);
+    if (!in)
+        return 0;
    out = modpow(in, rsa->exponent, rsa->modulus);
    freebn(in);