projects
/
u
/
mdw
/
putty
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Replace some 'sfree' calls of bignums with the proper 'freebn'.
[u/mdw/putty]
/
sshpubk.c
diff --git
a/sshpubk.c
b/sshpubk.c
index
c29d8a5
..
ac9e0fa
100644
(file)
--- a/
sshpubk.c
+++ b/
sshpubk.c
@@
-67,14
+67,15
@@
static int loadrsakey_main(FILE * fp, struct RSAKey *key, int pub_only,
i += 4;
/* Now the serious stuff. An ordinary SSH-1 public key. */
i += 4;
/* Now the serious stuff. An ordinary SSH-1 public key. */
-
i +
= makekey(buf + i, len, key, NULL, 1);
- if (
i
< 0)
+
j
= makekey(buf + i, len, key, NULL, 1);
+ if (
j
< 0)
goto end; /* overran */
goto end; /* overran */
+ i += j;
/* Next, the comment field. */
/* Next, the comment field. */
- j =
GET_32BIT(buf + i
);
+ j =
toint(GET_32BIT(buf + i)
);
i += 4;
i += 4;
- if (len - i < j)
+ if (
j < 0 ||
len - i < j)
goto end;
comment = snewn(j + 1, char);
if (comment) {
goto end;
comment = snewn(j + 1, char);
if (comment) {
@@
-257,8
+258,8
@@
int rsakey_pubblob(const Filename *filename, void **blob, int *bloblen,
*blob = rsa_public_blob(&key, bloblen);
freersakey(&key);
ret = 1;
*blob = rsa_public_blob(&key, bloblen);
freersakey(&key);
ret = 1;
- fp = NULL;
}
}
+ fp = NULL; /* loadrsakey_main unconditionally closes fp */
} else {
error = "not an SSH-1 RSA file";
}
} else {
error = "not an SSH-1 RSA file";
}
@@
-462,7
+463,7
@@
static int read_header(FILE * fp, char *header)
int len = 39;
int c;
int len = 39;
int c;
- while (
len > 0
) {
+ while (
1
) {
c = fgetc(fp);
if (c == '\n' || c == '\r' || c == EOF)
return 0; /* failure */
c = fgetc(fp);
if (c == '\n' || c == '\r' || c == EOF)
return 0; /* failure */
@@
-647,6
+648,11
@@
struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
/* this is an old key file; warn and then continue */
old_keyfile_warning();
old_fmt = 1;
/* this is an old key file; warn and then continue */
old_keyfile_warning();
old_fmt = 1;
+ } else if (0 == strncmp(header, "PuTTY-User-Key-File-", 20)) {
+ /* this is a key file FROM THE FUTURE; refuse it, but with a
+ * more specific error message than the generic one below */
+ error = "PuTTY key format too new";
+ goto error;
} else {
error = "not a PuTTY SSH-2 private key";
goto error;
} else {
error = "not a PuTTY SSH-2 private key";
goto error;
@@
-674,7
+680,6
@@
struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
cipher = 0;
cipherblk = 1;
} else {
cipher = 0;
cipherblk = 1;
} else {
- sfree(encryption);
goto error;
}
goto error;
}
@@
-891,7
+896,10
@@
unsigned char *ssh2_userkey_loadpub(const Filename *filename, char **algorithm,
if (!read_header(fp, header)
|| (0 != strcmp(header, "PuTTY-User-Key-File-2") &&
0 != strcmp(header, "PuTTY-User-Key-File-1"))) {
if (!read_header(fp, header)
|| (0 != strcmp(header, "PuTTY-User-Key-File-2") &&
0 != strcmp(header, "PuTTY-User-Key-File-1"))) {
- error = "not a PuTTY SSH-2 private key";
+ if (0 == strncmp(header, "PuTTY-User-Key-File-", 20))
+ error = "PuTTY key format too new";
+ else
+ error = "not a PuTTY SSH-2 private key";
goto error;
}
error = "file format error";
goto error;
}
error = "file format error";
@@
-1000,6
+1008,8
@@
int ssh2_userkey_encrypted(const Filename *filename, char **commentptr)
if (commentptr)
*commentptr = comment;
if (commentptr)
*commentptr = comment;
+ else
+ sfree(comment);
fclose(fp);
if (!strcmp(b, "aes256-cbc"))
fclose(fp);
if (!strcmp(b, "aes256-cbc"))