nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-06-30 19:12:48 -05:00
Code Issues Projects Releases Wiki Activity

Fix a segfault in parsing OpenSSH private key files.

Browse Source 
The initial test for a line ending with "PRIVATE KEY-----" failed to
take into account the possibility that the line might be shorter than
that. Fixed by introducing a new library function strendswith(), and
strstartswith() for good measure, and using that.

Thanks to Hanno Böck for spotting this, with the aid of AFL.
This commit is contained in:
Simon Tatham
2015-11-10 18:47:55 +00:00
parent a454399ec8
commit fa7b23ce90
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
misc.c
View File

@ -1087,3 +1087,14 @@ int get_ssh_uint32(int *datalen, const void **data, unsigned *ret)
*data = (const char *)*data + 4;
return TRUE;
}
int strstartswith(const char *s, const char *t)
{
return !memcmp(s, t, strlen(t));
}
int strendswith(const char *s, const char *t)
{
size_t slen = strlen(s), tlen = strlen(t);
return slen >= tlen && !strcmp(s + (slen - tlen), t);
}