X-Git-Url: https://git.distorted.org.uk/~mdw/sgt/putty/blobdiff_plain/af1da2469967bdb6fcabd17750d1c5f88a3389d0..9febf7ed49d2d2f13d9addc7714acd492c2c7111:/sshrsa.c

diff --git a/sshrsa.c b/sshrsa.c
index 163a92b0..c4a469ee 100644
--- a/sshrsa.c
+++ b/sshrsa.c
@@ -413,6 +413,7 @@ int rsa_verify(struct RSAKey *key)
     pm1 = copybn(key->p);
     decbn(pm1);
     ed = modmul(key->exponent, key->private_exponent, pm1);
+    freebn(pm1);
     cmp = bignum_cmp(ed, One);
     sfree(ed);
     if (cmp != 0)
@@ -421,6 +422,7 @@ int rsa_verify(struct RSAKey *key)
     qm1 = copybn(key->q);
     decbn(qm1);
     ed = modmul(key->exponent, key->private_exponent, qm1);
+    freebn(qm1);
     cmp = bignum_cmp(ed, One);
     sfree(ed);
     if (cmp != 0)
@@ -525,7 +527,7 @@ static void getstring(char **data, int *datalen, char **p, int *length)
     *p = NULL;
     if (*datalen < 4)
 	return;
-    *length = GET_32BIT(*data);
+    *length = toint(GET_32BIT(*data));
     if (*length < 0)
         return;
     *datalen -= 4;
@@ -840,6 +842,8 @@ static int rsa2_verifysig(void *key, char *sig, int siglen,
 	return 0;
     }
     in = getmp(&sig, &siglen);
+    if (!in)
+        return 0;
     out = modpow(in, rsa->exponent, rsa->modulus);
     freebn(in);