1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Move null pointer checks to before FROMFIELD.

This fixes an oversight in commit 0fc2d3b45: if a key creation
function returns a null 'ssh_key *', then adjusting the pointer's
address using FROMFIELD is a mistake, both in technical C terms
(undefined behaviour) and practically speaking because it will foil
the subsequent check against NULL. Instead, if we're going to check a
pointer against NULL, we must do it _before_ applying this kind of
address-adjusting type conversion.
This commit is contained in:
Simon Tatham 2018-05-31 18:32:09 +01:00
parent 2cf07bb8fe
commit 619f6722d8
3 changed files with 40 additions and 23 deletions

View File

@ -295,6 +295,7 @@ static ssh_key *dss_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len, const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len) const void *priv_blob, int priv_len)
{ {
ssh_key *sshk;
struct dss_key *dss; struct dss_key *dss;
const char *pb = (const char *) priv_blob; const char *pb = (const char *) priv_blob;
const char *hash; const char *hash;
@ -303,10 +304,11 @@ static ssh_key *dss_createkey(const ssh_keyalg *self,
unsigned char digest[20]; unsigned char digest[20];
Bignum ytest; Bignum ytest;
dss = FROMFIELD(dss_newkey(self, pub_blob, pub_len), sshk = dss_newkey(self, pub_blob, pub_len);
struct dss_key, sshk); if (!sshk)
if (!dss)
return NULL; return NULL;
dss = FROMFIELD(sshk, struct dss_key, sshk);
dss->x = getmp(&pb, &priv_len); dss->x = getmp(&pb, &priv_len);
if (!dss->x) { if (!dss->x) {
dss_freekey(&dss->sshk); dss_freekey(&dss->sshk);
@ -382,13 +384,15 @@ static void dss_openssh_fmtkey(ssh_key *key, BinarySink *bs)
static int dss_pubkey_bits(const ssh_keyalg *self, static int dss_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len) const void *blob, int len)
{ {
ssh_key *sshk;
struct dss_key *dss; struct dss_key *dss;
int ret; int ret;
dss = FROMFIELD(dss_newkey(self, blob, len), sshk = dss_newkey(self, blob, len);
struct dss_key, sshk); if (!sshk)
if (!dss)
return -1; return -1;
dss = FROMFIELD(sshk, struct dss_key, sshk);
ret = bignum_bitcount(dss->p); ret = bignum_bitcount(dss->p);
dss_freekey(&dss->sshk); dss_freekey(&dss->sshk);

View File

@ -1734,8 +1734,10 @@ struct ecsign_extra {
static void ecdsa_freekey(ssh_key *key) static void ecdsa_freekey(ssh_key *key)
{ {
struct ec_key *ec = FROMFIELD(key, struct ec_key, sshk); struct ec_key *ec;
if (!ec) return;
if (!key) return;
ec = FROMFIELD(key, struct ec_key, sshk);
if (ec->publicKey.x) if (ec->publicKey.x)
freebn(ec->publicKey.x); freebn(ec->publicKey.x);
@ -1909,15 +1911,16 @@ static ssh_key *ecdsa_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len, const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len) const void *priv_blob, int priv_len)
{ {
ssh_key *sshk;
struct ec_key *ec; struct ec_key *ec;
struct ec_point *publicKey; struct ec_point *publicKey;
const char *pb = (const char *) priv_blob; const char *pb = (const char *) priv_blob;
ec = FROMFIELD(ecdsa_newkey(self, pub_blob, pub_len), sshk = ecdsa_newkey(self, pub_blob, pub_len);
struct ec_key, sshk); if (!sshk)
if (!ec) {
return NULL; return NULL;
}
ec = FROMFIELD(sshk, struct ec_key, sshk);
if (ec->publicKey.curve->type != EC_WEIERSTRASS if (ec->publicKey.curve->type != EC_WEIERSTRASS
&& ec->publicKey.curve->type != EC_EDWARDS) { && ec->publicKey.curve->type != EC_EDWARDS) {
@ -2147,13 +2150,15 @@ static void ecdsa_openssh_fmtkey(ssh_key *key, BinarySink *bs)
static int ecdsa_pubkey_bits(const ssh_keyalg *self, static int ecdsa_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len) const void *blob, int len)
{ {
ssh_key *sshk;
struct ec_key *ec; struct ec_key *ec;
int ret; int ret;
ec = FROMFIELD(ecdsa_newkey(self, blob, len), sshk = ecdsa_newkey(self, blob, len);
struct ec_key, sshk); if (!sshk)
if (!ec)
return -1; return -1;
ec = FROMFIELD(sshk, struct ec_key, sshk);
ret = ec->publicKey.curve->fieldBits; ret = ec->publicKey.curve->fieldBits;
ecdsa_freekey(&ec->sshk); ecdsa_freekey(&ec->sshk);

View File

@ -601,11 +601,15 @@ static ssh_key *rsa2_createkey(const ssh_keyalg *self,
const void *pub_blob, int pub_len, const void *pub_blob, int pub_len,
const void *priv_blob, int priv_len) const void *priv_blob, int priv_len)
{ {
ssh_key *sshk;
struct RSAKey *rsa; struct RSAKey *rsa;
const char *pb = (const char *) priv_blob; const char *pb = (const char *) priv_blob;
rsa = FROMFIELD(rsa2_newkey(self, pub_blob, pub_len), sshk = rsa2_newkey(self, pub_blob, pub_len);
struct RSAKey, sshk); if (!sshk)
return NULL;
rsa = FROMFIELD(sshk, struct RSAKey, sshk);
rsa->private_exponent = getmp(&pb, &priv_len); rsa->private_exponent = getmp(&pb, &priv_len);
rsa->p = getmp(&pb, &priv_len); rsa->p = getmp(&pb, &priv_len);
rsa->q = getmp(&pb, &priv_len); rsa->q = getmp(&pb, &priv_len);
@ -664,13 +668,15 @@ static void rsa2_openssh_fmtkey(ssh_key *key, BinarySink *bs)
static int rsa2_pubkey_bits(const ssh_keyalg *self, static int rsa2_pubkey_bits(const ssh_keyalg *self,
const void *blob, int len) const void *blob, int len)
{ {
ssh_key *sshk;
struct RSAKey *rsa; struct RSAKey *rsa;
int ret; int ret;
rsa = FROMFIELD(rsa2_newkey(self, blob, len), sshk = rsa2_newkey(self, blob, len);
struct RSAKey, sshk); if (!sshk)
if (!rsa) return -1;
return -1;
rsa = FROMFIELD(sshk, struct RSAKey, sshk);
ret = bignum_bitcount(rsa->modulus); ret = bignum_bitcount(rsa->modulus);
rsa2_freekey(&rsa->sshk); rsa2_freekey(&rsa->sshk);
@ -818,8 +824,10 @@ const ssh_keyalg ssh_rsa = {
struct RSAKey *ssh_rsakex_newkey(const void *data, int len) struct RSAKey *ssh_rsakex_newkey(const void *data, int len)
{ {
return FROMFIELD(rsa2_newkey(&ssh_rsa, data, len), ssh_key *sshk = rsa2_newkey(&ssh_rsa, data, len);
struct RSAKey, sshk); if (!sshk)
return NULL;
return FROMFIELD(sshk, struct RSAKey, sshk);
} }
void ssh_rsakex_freekey(struct RSAKey *key) void ssh_rsakex_freekey(struct RSAKey *key)