From 7b0292b2c359ab37811d658c4afe49d721b6253d Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Thu, 28 Apr 2022 12:50:00 +0100 Subject: [PATCH] Fix translation of legacy key format *again*. As well as eliminating the null-pointer dereference, I also now realise that the format-translation code depended on leaving the final translated string in 'otherstr' in order to pass the host key check afterwards (if they match). I've also now realised that this only applies to *SSH-1* RSA keys, so it's even more obsolete than I thought before. Perhaps I should just remove this code instead of spending all this effort on fixing it. But I've done the fix now, so I'll commit it, and then maybe we can remove it afterwards (and have a working version of it available to resurrect if ever needed!). --- windows/storage.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/storage.c b/windows/storage.c index e386213c..7e74e392 100644 --- a/windows/storage.c +++ b/windows/storage.c @@ -321,9 +321,12 @@ int check_stored_host_key(const char *hostname, int port, * format. If not, we'll assume something odd went * wrong, and hyper-cautiously do nothing. */ - if (!strcmp(new->s, key)) + if (!strcmp(new->s, key)) { put_reg_sz(rkey, regname->s, new->s); - strbuf_free(new); + otherstr = strbuf_to_str(new); + } else { + strbuf_free(new); + } } sfree(oldstyle);
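Review bot: the new `otherstr = strbuf_to_str(new);` in the matching branch of the `strcmp(new->s, key)` test relies on a dependency that only the commit message explains: the host key check that runs afterwards needs the translated string left in `otherstr`. A short comment at that assignment saying so would stop a later cleanup from turning it back into a plain `strbuf_free(new);`. Two things are worth confirming against the surrounding function, which this hunk does not show: that any buffer `otherstr` already points to is released before it is overwritten here, and that the later comparison copes with the else path, where `new` is freed and `otherstr` is left as it was.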