~mdw
/
sgt
/
putty
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add some missing bounds checks in signature verification routines.
[sgt/putty]
/
sshrsa.c
diff --git
a/sshrsa.c
b/sshrsa.c
index
163a92b
..
c4a469e
100644
(file)
--- a/
sshrsa.c
+++ b/
sshrsa.c
@@
-413,6
+413,7
@@
int rsa_verify(struct RSAKey *key)
pm1 = copybn(key->p);
decbn(pm1);
ed = modmul(key->exponent, key->private_exponent, pm1);
pm1 = copybn(key->p);
decbn(pm1);
ed = modmul(key->exponent, key->private_exponent, pm1);
+ freebn(pm1);
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
@@
-421,6
+422,7
@@
int rsa_verify(struct RSAKey *key)
qm1 = copybn(key->q);
decbn(qm1);
ed = modmul(key->exponent, key->private_exponent, qm1);
qm1 = copybn(key->q);
decbn(qm1);
ed = modmul(key->exponent, key->private_exponent, qm1);
+ freebn(qm1);
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
cmp = bignum_cmp(ed, One);
sfree(ed);
if (cmp != 0)
@@
-525,7
+527,7
@@
static void getstring(char **data, int *datalen, char **p, int *length)
*p = NULL;
if (*datalen < 4)
return;
*p = NULL;
if (*datalen < 4)
return;
- *length =
GET_32BIT(*data
);
+ *length =
toint(GET_32BIT(*data)
);
if (*length < 0)
return;
*datalen -= 4;
if (*length < 0)
return;
*datalen -= 4;
@@
-840,6
+842,8
@@
static int rsa2_verifysig(void *key, char *sig, int siglen,
return 0;
}
in = getmp(&sig, &siglen);
return 0;
}
in = getmp(&sig, &siglen);
+ if (!in)
+ return 0;
out = modpow(in, rsa->exponent, rsa->modulus);
freebn(in);
out = modpow(in, rsa->exponent, rsa->modulus);
freebn(in);