From: simon Date: Sun, 4 Aug 2013 19:33:49 +0000 (+0000) Subject: Validate newly created DSA keys more carefully. Don't want a structure X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/commitdiff_plain/36a70e5cb235ac7c3c1e18b535c3b31695785f8c Validate newly created DSA keys more carefully. Don't want a structure half-filled with null pointers. git-svn-id: svn://svn.tartarus.org/sgt/putty@9986 cda61777-01e9-0310-a592-d414129be87e --- diff --git a/sshdss.c b/sshdss.c index e634b984..eba03aa8 100644 --- a/sshdss.c +++ b/sshdss.c @@ -82,6 +82,8 @@ static Bignum get160(char **data, int *datalen) return b; } +static void dss_freekey(void *key); /* forward reference */ + static void *dss_newkey(char *data, int len) { char *p; @@ -111,6 +113,13 @@ static void *dss_newkey(char *data, int len) dss->y = getmp(&data, &len); dss->x = NULL; + if (!dss->p || !dss->q || !dss->g || !dss->y || + !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) { + /* Invalid key. */ + dss_freekey(dss); + return NULL; + } + return dss; } @@ -389,7 +398,13 @@ static void *dss_createkey(unsigned char *pub_blob, int pub_len, Bignum ytest; dss = dss_newkey((char *) pub_blob, pub_len); + if (!dss) + return NULL; dss->x = getmp(&pb, &priv_len); + if (!dss->x) { + dss_freekey(dss); + return NULL; + } /* * Check the obsolete hash in the old DSS key format. @@ -435,14 +450,11 @@ static void *dss_openssh_createkey(unsigned char **blob, int *len) dss->y = getmp(b, len); dss->x = getmp(b, len); - if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x) { - freebn(dss->p); - freebn(dss->q); - freebn(dss->g); - freebn(dss->y); - freebn(dss->x); - sfree(dss); - return NULL; + if (!dss->p || !dss->q || !dss->g || !dss->y || !dss->x || + !bignum_cmp(dss->q, Zero) || !bignum_cmp(dss->p, Zero)) { + /* Invalid key. */ + dss_freekey(dss); + return NULL; } return dss; @@ -482,6 +494,8 @@ static int dss_pubkey_bits(void *blob, int len) int ret; dss = dss_newkey((char *) blob, len); + if (!dss) + return -1; ret = bignum_bitcount(dss->p); dss_freekey(dss);