`dwalin' spotted a NULL dereference in the new makekey() error

[u/mdw/putty] / sshrsa.c

diff --git a/sshrsa.c b/sshrsa.c
index f684c2a..baec83e 100644 (file)
--- a/sshrsa.c
+++ b/sshrsa.c
@@ -54,7 +54,7 @@ int makekey(unsigned char *data, int len, struct RSAKey *result,
     }
 
     n = ssh1_read_bignum(p, len, result ? &result->modulus : NULL);
-    if (n < 0 || bignum_bitcount(result->modulus) == 0) return -1;
+    if (n < 0 || (result && bignum_bitcount(result->modulus) == 0)) return -1;
     if (result)
        result->bytes = n - 2;
     if (keystr)