projects / u / mdw / putty / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add an assertion so that short-rsa2-key-crash at least avoids segfaulting
[u/mdw/putty] / sshrsa.c
diff --git a/sshrsa.c b/sshrsa.c
index baec83e..4f95fb3 100644 (file)
--- a/sshrsa.c
+++ b/sshrsa.c
@@ -802,6 +802,7 @@ static unsigned char *rsa2_sign(void *key, char *data, int datalen,
     SHA_Simple(data, datalen, hash);
 
     nbytes = (bignum_bitcount(rsa->modulus) - 1) / 8;
+    assert(1 <= nbytes - 20 - ASN1_LEN);
     bytes = snewn(nbytes, unsigned char);
 
     bytes[0] = 1;
Local modifications for Simon Tatham's `PuTTY' SSH client and terminal emulator