import.c, and my attempts to reproduce them in cmdgen found another
one there :-)
git-svn-id: svn://svn.tartarus.org/sgt/putty@3847
cda61777-01e9-0310-a592-
d414129be87e
case SSH_KEYTYPE_OPENSSH:
case SSH_KEYTYPE_SSHCOM:
ssh2key = import_ssh2(&infilename, intype, passphrase);
- if (ssh2key)
+ if (ssh2key && ssh2key != SSH2_WRONG_PASSPHRASE)
error = NULL;
else if (!error) {
if (ssh2key == SSH2_WRONG_PASSPHRASE)
if (ret < 0 || id != 2 ||
key->keyblob+key->keyblob_len-p < len) {
errmsg = "ASN.1 decoding failure";
+ retval = SSH2_WRONG_PASSPHRASE;
goto error;
}
* Strip away the containing string to get to the real meat.
*/
len = GET_32BIT(ciphertext);
- if (len > cipherlen-4) {
+ if (len < 0 || len > cipherlen-4) {
errmsg = "containing string was ill-formed";
goto error;
}